{"vulnerability": "CVE-2026-40138", "sightings": [{"uuid": "516f6042-18ad-4b5d-bba2-a5ae56b8506b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mpymjyjtts2y", "content": "CVE-2026-40138\nA security flaw in BeyondTrust Remote Support and Privileged Remote Access allows an attacker to bypass access controls and gain unauthorized access to accounts with elevated privileges. This can happen if an\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-06T17:30:04.394768Z"}, {"uuid": "100c601f-86d6-43d5-8933-220d2b163900", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpyn7p5zhe2z", "content": "CVE-2026-40138 - Critical Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access\nCVE ID : CVE-2026-40138\n \n Published : July 6, 2026, 4:12 p.m. | 1\u00a0hour, 1\u00a0minute ago\n \n Description : A critical pre-authentication vulnerability exists in th...", "creation_timestamp": "2026-07-06T17:42:12.640539Z"}, {"uuid": "5a480092-b257-46c5-8f1e-1177d8e0301f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://bsky.app/profile/securityonline.bsky.social/post/3mpynkx35vt2f", "content": "BeyondTrust patched a critical pre-authentication vulnerability (CVE-2026-40138, CVE-2026-40139, CVE-2026-40140). Update Remote Support instances now.\n\n#BeyondTrust #Vulnerability #CVE202640138 #CyberSecurity #RemoteSupport", "creation_timestamp": "2026-07-06T17:48:42.453509Z"}, {"uuid": "f3d34633-263f-4860-ac7a-8e7a77ba0081", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-40138", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/116874512026637035", "content": "\u203c\ufe0f New Dark Web Informer Blog Post!\nTitle: Pre-Auth Access-Control Bypass in BeyondTrust Remote Support and PRA (CVE-2026-40138)\nLink: https://darkwebinformer.com/pre-auth-access-control-bypass-in-beyondtrust-remote-support-and-pra-cve-2026-40138/", "creation_timestamp": "2026-07-06T18:45:26.331307Z"}, {"uuid": "e6b2e510-6ea6-49ab-8e68-d77437f32b40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://thehackernews.com/2026/07/beyondtrust-patches-critical-auth.html", "content": "BeyondTrust has released updates to address two critical security flaws affecting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could allow unauthenticated attackers to take control of susceptible devices.\n\nThe vulnerabilities are listed below -\n\n\n  CVE-2026-40138 (CVSS score: 9.2) - A pre-authentication vulnerability exists in the", "creation_timestamp": "2026-07-07T07:00:49.253832Z"}, {"uuid": "20cb5cba-131c-4bdc-b079-b85c5a54b81c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://bsky.app/profile/bitnewsbot.bsky.social/post/3mq23qte7tx2b", "content": "BeyondTrust disclosed four pre-authentication vulnerabilities in its Remote Support (RS) and Privileged Remote Access (PRA) products. Two critical flaws (CVE-2026-40138 [\u2026]", "creation_timestamp": "2026-07-07T07:34:59.997487Z"}, {"uuid": "01d34097-d345-4737-91d3-d62762357779", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-40138", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mq2lxpdkie2j", "content": "\ud83d\udcf0 BeyondTrust Rilis Patch untuk Dua Celah Kritis yang Memungkinkan Bypass Autentikasi\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/07/07/beyondtrust-authentication-bypass-vulnerability-patch/\n\n#beyondtrust #cve-2026-40138 #cve-2026-40139 #cve-2026-40140 #cve-2026-40141 #cybersec", "creation_timestamp": "2026-07-07T12:25:10.933688Z"}, {"uuid": "9f616ac6-c678-496d-afb7-0288f018672b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-40138", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3mq2n4r5f2d2d", "content": "\ud83d\udcf0 BeyondTrust Rilis Patch untuk Dua Celah Kritis yang Memungkinkan Bypass Autentikasi\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/07/07/beyondtrust-authentication-bypass-vulnerability-patch/\n\n#beyondtrust #cve-2026-40138 #cve-2026-40139 #cve-2026-40140 #cve-2026-40141 #potatosec", "creation_timestamp": "2026-07-07T12:45:53.382623Z"}, {"uuid": "3da78fb2-f72e-4717-ac46-c67cf13a5677", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116878810477761772", "content": "Attention, elevated activities detected targeting BeyondTrust Remote Support and Privileged Remote Access (CVE-2026-40138) https://vuldb.com/vuln/376483/cti", "creation_timestamp": "2026-07-07T12:58:35.581642Z"}, {"uuid": "28255013-1353-42a6-ba91-797549e75817", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://bsky.app/profile/newssecia.bsky.social/post/3mq2qeyc4pd2u", "content": "\ud83e\udd16 CVE-2026-40138 (CVSS 9.2): Pre-authentication bypass in BeyondTrust Remote Support &amp; PRA. Unauthenticated attackers can take full control of vulnerable enterprise devices. Patch now.\n\nhttps://thehackernews.com/2026/07/beyondtrust-patches-critical-auth.html", "creation_timestamp": "2026-07-07T13:44:10.686730Z"}, {"uuid": "91f99877-668f-4ebe-b18e-7c5dfa09820d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://thehackernews.com/2026/07/beyondtrust-patches-critical-auth.html", "content": "BeyondTrust has released updates to address two critical security flaws affecting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could allow unauthenticated attackers to take control of susceptible devices.\n\nThe vulnerabilities are listed below -\n\n\n  CVE-2026-40138 (CVSS score: 9.2) - A pre-authentication vulnerability exists in the", "creation_timestamp": "2026-07-08T01:00:53.755431Z"}, {"uuid": "64902bb9-c761-4795-8a3b-a60c66d6c966", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-40138", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mq4fmy574g2o", "content": "\ud83d\udccc CVE-2026-40138 - A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. Imprope... https://www.cyberhub.blog/cves/CVE-2026-40138", "creation_timestamp": "2026-07-08T05:37:07.483812Z"}]}