Find notable cyber news and cases, enriched with sources, timelines, and signals.

CISA updates KEV entry for CVE-2026-1731

Public Sector Action
First reported
Last updated
Happening score
H score 36
1 unique sources, 1 articles

Summary

Hide ▲

CISA updated its KEV catalog entry for CVE-2026-1731, confirming the flaw has been used in ransomware campaigns and elevating its government-tracked risk. The update matters because it turns ongoing exploitation into an explicit federal signal for defenders monitoring this vulnerability. It also links the issue to a broader wave of real-world abuse against BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA).

Related Happenings

BeyondTrust Remote Support and Privileged Remote Access critical fixes

Security Patch Release
H score38 First: 07.07.2026 08:16 Last: 07.07.2026 08:16 Sources 1

About this happening: **BeyondTrust** released **RS 25.3.3** and **PRA 25.3.3** to fix **four critical vulnerabilities** in its remote-access appliances, including **pre-authentication access-control b...

Ubiquiti UniFi OS actively exploited access control bypass, traversal, and RCE flaws (multiple vulnerabilities)

Vulnerability
H score43 First: 24.06.2026 17:35 Last: 24.06.2026 17:35 Sources 1

About this happening: **Ubiquiti UniFi OS** now has **three actively exploited CVEs** that can let attackers make unauthorized changes, expose sensitive files, and reach **remote code execution** on vu...

SimpleHelp remote management software privileged technician account creation security flaw (CVE-2026-48558)

Vulnerability
H score46 First: 15.06.2026 23:06 Last: 15.06.2026 23:06 Sources 1

About this happening: **CVE-2026-48558** is a **critical authentication bypass** in **SimpleHelp RMM** that affects **OIDC authentication** and can let an unauthenticated attacker forge a token and obt...

Splunk Enterprise security update for CVE-2026-20253

Security Patch Release
H score52 First: 13.06.2026 16:23 Last: 13.06.2026 16:23 Sources 1

About this happening: **Splunk** released **security updates** for **CVE-2026-20253**, fixing a critical **Splunk Enterprise** flaw that could enable unauthenticated file operations and **remote code e...

PAN-OS GlobalProtect CVE-2026-0257 exploitation wave

Exploitation Wave
H score18 First: 01.06.2026 11:30 Last: 01.06.2026 11:30 Sources 1

About this happening: A **CVE-2026-0257** exploitation wave is hitting **Palo Alto Networks PAN-OS GlobalProtect** appliances, creating **unauthorized VPN access** risk for **multiple customers**. **Ra...

Timeline

  1. 20.02.2026 17:45 2 articles · 4mo ago

    CISA updates KEV entry for CVE-2026-1731

    Industry Or Public Sector Update

    CISA updates its Known Exploited Vulnerabilities (KEV) catalog entry for CVE-2026-1731 affecting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA), confirming that the flaw has been exploited in ransomware campaigns and placing the issue under formal government tracking.

    Show sources