<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-08T15:07:21.831038+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c5e3edb9-093f-4edd-9ab6-020ea30d0402/export</id>
    <title>c5e3edb9-093f-4edd-9ab6-020ea30d0402</title>
    <updated>2026-07-08T15:07:21.848400+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c5e3edb9-093f-4edd-9ab6-020ea30d0402", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://bsky.app/profile/netsecio.bsky.social/post/3mq5ept3hka2f", "content": "\ud83d\udea8 URGENT: BeyondTrust patches two CRITICAL auth bypass flaws (CVE-2026-40138, CVE-2026-40139) in its Remote Support &amp;amp; Privileged Remote Access tools. Unauthenticated remote access is possible. Patch NOW. #Vulnerability #PAM #CyberSecurity\n\n\ud83c\udf10 cyber[.]netsecops[.]io", "creation_timestamp": "2026-07-08T14:53:28.811732Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c5e3edb9-093f-4edd-9ab6-020ea30d0402/export"/>
    <published>2026-07-08T14:53:28.811732+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/5b279e8a-de8d-473b-8b3e-7bc837680ded/export</id>
    <title>5b279e8a-de8d-473b-8b3e-7bc837680ded</title>
    <updated>2026-07-08T15:07:21.850677+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "5b279e8a-de8d-473b-8b3e-7bc837680ded", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116884921728737765", "content": "\ud83d\udcf0 BeyondTrust Patches Critical Flaws in Remote Support and Privileged Access Tools\n\ud83d\udea8 URGENT: BeyondTrust patches two CRITICAL auth bypass flaws (CVE-2026-40138, CVE-2026-40139) in its Remote Support &amp;amp; Privileged Remote Access tools. Unauthenticated remote access is possible. Patch NOW. #Vulnerability #PAM #CyberSecurity\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/beyondtrust-patches-critical-authentication-bypass-flaws-in-remote-access-tools/?utm\u2026", "creation_timestamp": "2026-07-08T14:52:49.266968Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/5b279e8a-de8d-473b-8b3e-7bc837680ded/export"/>
    <published>2026-07-08T14:52:49.266968+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/64902bb9-c761-4795-8a3b-a60c66d6c966/export</id>
    <title>64902bb9-c761-4795-8a3b-a60c66d6c966</title>
    <updated>2026-07-08T15:07:21.850980+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "64902bb9-c761-4795-8a3b-a60c66d6c966", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mq4fmy574g2o", "content": "\ud83d\udccc CVE-2026-40138 - A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. Imprope... https://www.cyberhub.blog/cves/CVE-2026-40138", "creation_timestamp": "2026-07-08T05:37:07.483812Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/64902bb9-c761-4795-8a3b-a60c66d6c966/export"/>
    <published>2026-07-08T05:37:07.483812+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/91f99877-668f-4ebe-b18e-7c5dfa09820d/export</id>
    <title>91f99877-668f-4ebe-b18e-7c5dfa09820d</title>
    <updated>2026-07-08T15:07:21.851229+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "91f99877-668f-4ebe-b18e-7c5dfa09820d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://thehackernews.com/2026/07/beyondtrust-patches-critical-auth.html", "content": "BeyondTrust has released updates to address two critical security flaws affecting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could allow unauthenticated attackers to take control of susceptible devices.\n\nThe vulnerabilities are listed below -\n\n\n  CVE-2026-40138 (CVSS score: 9.2) - A pre-authentication vulnerability exists in the", "creation_timestamp": "2026-07-08T01:00:53.755431Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/91f99877-668f-4ebe-b18e-7c5dfa09820d/export"/>
    <published>2026-07-08T01:00:53.755431+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/28255013-1353-42a6-ba91-797549e75817/export</id>
    <title>28255013-1353-42a6-ba91-797549e75817</title>
    <updated>2026-07-08T15:07:21.851443+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "28255013-1353-42a6-ba91-797549e75817", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://bsky.app/profile/newssecia.bsky.social/post/3mq2qeyc4pd2u", "content": "\ud83e\udd16 CVE-2026-40138 (CVSS 9.2): Pre-authentication bypass in BeyondTrust Remote Support &amp;amp; PRA. Unauthenticated attackers can take full control of vulnerable enterprise devices. Patch now.\n\nhttps://thehackernews.com/2026/07/beyondtrust-patches-critical-auth.html", "creation_timestamp": "2026-07-07T13:44:10.686730Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/28255013-1353-42a6-ba91-797549e75817/export"/>
    <published>2026-07-07T13:44:10.686730+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3da78fb2-f72e-4717-ac46-c67cf13a5677/export</id>
    <title>3da78fb2-f72e-4717-ac46-c67cf13a5677</title>
    <updated>2026-07-08T15:07:21.851561+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3da78fb2-f72e-4717-ac46-c67cf13a5677", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116878810477761772", "content": "Attention, elevated activities detected targeting BeyondTrust Remote Support and Privileged Remote Access (CVE-2026-40138) https://vuldb.com/vuln/376483/cti", "creation_timestamp": "2026-07-07T12:58:35.581642Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3da78fb2-f72e-4717-ac46-c67cf13a5677/export"/>
    <published>2026-07-07T12:58:35.581642+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/9f616ac6-c678-496d-afb7-0288f018672b/export</id>
    <title>9f616ac6-c678-496d-afb7-0288f018672b</title>
    <updated>2026-07-08T15:07:21.851659+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "9f616ac6-c678-496d-afb7-0288f018672b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-40138", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3mq2n4r5f2d2d", "content": "\ud83d\udcf0 BeyondTrust Rilis Patch untuk Dua Celah Kritis yang Memungkinkan Bypass Autentikasi\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/07/07/beyondtrust-authentication-bypass-vulnerability-patch/\n\n#beyondtrust #cve-2026-40138 #cve-2026-40139 #cve-2026-40140 #cve-2026-40141 #potatosec", "creation_timestamp": "2026-07-07T12:45:53.382623Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/9f616ac6-c678-496d-afb7-0288f018672b/export"/>
    <published>2026-07-07T12:45:53.382623+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/01d34097-d345-4737-91d3-d62762357779/export</id>
    <title>01d34097-d345-4737-91d3-d62762357779</title>
    <updated>2026-07-08T15:07:21.851727+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "01d34097-d345-4737-91d3-d62762357779", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-40138", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mq2lxpdkie2j", "content": "\ud83d\udcf0 BeyondTrust Rilis Patch untuk Dua Celah Kritis yang Memungkinkan Bypass Autentikasi\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/07/07/beyondtrust-authentication-bypass-vulnerability-patch/\n\n#beyondtrust #cve-2026-40138 #cve-2026-40139 #cve-2026-40140 #cve-2026-40141 #cybersec", "creation_timestamp": "2026-07-07T12:25:10.933688Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/01d34097-d345-4737-91d3-d62762357779/export"/>
    <published>2026-07-07T12:25:10.933688+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/20cb5cba-131c-4bdc-b079-b85c5a54b81c/export</id>
    <title>20cb5cba-131c-4bdc-b079-b85c5a54b81c</title>
    <updated>2026-07-08T15:07:21.851797+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "20cb5cba-131c-4bdc-b079-b85c5a54b81c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://bsky.app/profile/bitnewsbot.bsky.social/post/3mq23qte7tx2b", "content": "BeyondTrust disclosed four pre-authentication vulnerabilities in its Remote Support (RS) and Privileged Remote Access (PRA) products. Two critical flaws (CVE-2026-40138 [\u2026]", "creation_timestamp": "2026-07-07T07:34:59.997487Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/20cb5cba-131c-4bdc-b079-b85c5a54b81c/export"/>
    <published>2026-07-07T07:34:59.997487+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e6b2e510-6ea6-49ab-8e68-d77437f32b40/export</id>
    <title>e6b2e510-6ea6-49ab-8e68-d77437f32b40</title>
    <updated>2026-07-08T15:07:21.851866+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e6b2e510-6ea6-49ab-8e68-d77437f32b40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://thehackernews.com/2026/07/beyondtrust-patches-critical-auth.html", "content": "BeyondTrust has released updates to address two critical security flaws affecting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could allow unauthenticated attackers to take control of susceptible devices.\n\nThe vulnerabilities are listed below -\n\n\n  CVE-2026-40138 (CVSS score: 9.2) - A pre-authentication vulnerability exists in the", "creation_timestamp": "2026-07-07T07:00:49.253832Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e6b2e510-6ea6-49ab-8e68-d77437f32b40/export"/>
    <published>2026-07-07T07:00:49.253832+00:00</published>
  </entry>
</feed>
