13 June 2026

Advisory ID: BT26-02

CVE-2026-1731

 

BeyondTrust Remote Support and older versions of Privileged Remote Access contain a critical pre-authentication remote code execution vulnerability that may be triggered through specially crafted client requests. Successful exploitation could allow an unauthenticated remote attacker to execute operating system commands in the context of the site user and may lead to system compromise, including unauthorized access, data exfiltration, and service disruption.

 

  • Synopsis: Remote code execution in Remote Support (RS) and Privileged Remote Access (PRA)
  • Affected Product: Remote Support (RS) and Privileged Remote Access (PRA)

 

Observed exploitation activity has been limited to internet-facing, self-hosted environments where the patch had not been applied before February 9, 2026.

 

Important: BeyondTrust is strongly encouraging all self-hosted customers who had internet-exposed instances that remained unpatched as of February 9 to take immediate action to apply the recommended updates and open a “Severity 1” ticket to BeyondTrust support, citing “BT26-02” in the description.

 

Affected Versions:

Remote Support – 25.3.1 and prior

Privileged Remote Access – 24.3.4 and prior



8 June 2026

CyberArk is now Idira® – Next-Generation Identity Security Platform

On June 8th, CyberArk announced its rebrand to Idira®, a next-generation identity security platform built on CyberArk’s foundations and powered by Palo Alto Networks.

 

The transition is being rolled out in phases:

 

  • Phase 1 (Visual updates): New Idira branding will begin appearing across the product UI, documentation, and automated system emails.
  • Subsequent phases: Technical touchpoints such as product URLs and APIs will remain unchanged for now. Further updates will be communicated in advance.

 

For full details on what’s changing, visit the Idira FAQ page.



27 May 2026

CyberArk: CA26-23 – Incomplete IIS documentation for the z/OS Central Credential Provider (CCP) can cause weak authentication.

Impact: Incomplete configuration instructions in the documentation for the IIS that hosts the Central Credential Provider (CCP) for the z/OS Credential Provider can lead to weak authentication.

 

CA26-23 involves a Critical severity issue that affects:

  • z/OS Credential Provider, all versions.

For complete details on the vulnerabilities, recommendations, and update instructions, please review the Security Bulletin, which can be found in the Technical Community:

 

https://www.cyberark.com/ca26-23

 

Learn more by visiting the CyberArk Product Security page.

 



22 May 2026

CyberArk: CA26-22 – Possible Denial of Service (DoS) attack on HTML5 Gateway server.

On Wednesday, May 20th, CyberArk released Security Bulletin CA26-22.
Impact: Possible Denial of Service (DoS) attack on HTML5 Gateway server.

 

CA26-22 involves High severity issues that affect:

 

• HTML5 Gateway Container and RPM, Self-Hosted, All versions prior to version 15.0 (inclusive).

For complete details on the vulnerabilities, recommendations, and update instructions, please review the Security Bulletins, which can be found in the Technical Community (links below).
https://community.cyberark.com/s/article/CyberArk-Security-Bulletin-CA26-22
Learn more by visiting https://www.cyberark.com/product-security


