Critical Vulnerabilities in BeyondTrust Remote Support and Privileged Remote Access (CVE-2026-40138, CVE-2026-40139)
Two pre-authentication flaws CVE-2026-40138 and CVE-2026-40139 disclosed in BeyondTrust Remote Support and Privileged Remote Access let attackers bypass authentication and reach the appliance, including privileged accounts, when a specific authentication configuration is enabled.