Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

CISA updates KEV entry for CVE-2026-1731

Public Sector Action
First reported
Last updated
Happening score
H score 51
1 unique sources, 1 articles

Summary

Hide ▲

CISA updated its KEV catalog entry for CVE-2026-1731, confirming the flaw has been used in ransomware campaigns and elevating its government-tracked risk. The update matters because it turns ongoing exploitation into an explicit federal signal for defenders monitoring this vulnerability. It also links the issue to a broader wave of real-world abuse against BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA).

Related Happenings

Apex One on-premises server directory traversal zero-day (CVE-2026-34926)

Vulnerability
First: 22.05.2026 16:39 Last: 22.05.2026 16:39 Sources 1

About this happening: **CVE-2026-34926** is a **Trend Micro Apex One** **on-premises** directory traversal zero-day that can let a privileged local attacker inject malicious code onto affected **agents...

Open Happening

TrendAI Trend Micro’s enterprise business security patch release for CVE-2026-34926

Security Patch Release
First: 22.05.2026 11:19 Last: 22.05.2026 11:19 Sources 1

About this happening: **TrendAI** released **Apex One** security updates after confirming a **zero-day** had been **exploited in the wild**, leaving **on-premises installations** at risk until patched....

Open Happening

SAP May 2026 security updates for Commerce Cloud and S/4HANA (15 vulnerabilities)

Security Patch Release
First: 12.05.2026 14:04 Last: 12.05.2026 14:04 Sources 1

About this happening: **SAP** released its **May 2026 security updates** for **15 vulnerabilities** across **Commerce Cloud**, **S/4HANA**, and other products, including **two critical flaws** that can...

Open Happening

Zimbra Collaboration Suite actively exploited XSS flaw (CVE-2025-48700)

Vulnerability
First: 24.04.2026 16:35 Last: 24.04.2026 16:35 Sources 1

About this happening: **CVE-2025-48700** is an **actively exploited XSS flaw** in **Zimbra Collaboration Suite (ZCS)** that can let unauthenticated attackers run JavaScript inside a user's session and...

Open Happening

LMDeploy SSRF flaw (CVE-2026-33626, actively exploited)

Vulnerability
First: 24.04.2026 10:24 Last: 24.04.2026 10:24 Sources 1

About this happening: **LMDeploy CVE-2026-33626** is being **actively exploited** within **13 hours** of disclosure, turning a **vision-language SSRF flaw** into a path to **cloud credentials** and **i...

Open Happening

Timeline

  1. 20.02.2026 17:45 2 articles · 3mo ago

    CISA updates KEV entry for CVE-2026-1731

    Industry Or Public Sector Update

    CISA updates its Known Exploited Vulnerabilities (KEV) catalog entry for CVE-2026-1731 affecting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA), confirming that the flaw has been exploited in ransomware campaigns and placing the issue under formal government tracking.

    Show sources
    Open in new tab