BeyondTrust critical pre-authentication remote code execution vulnerability (CVE-2026-1731)
CVE number = CVE-2026-1731
On February 10th 2026, a proof-of-concept exploit for CVE-2026-1731—a critical pre-authentication remote code execution flaw affecting BeyondTrust Remote Support and Privileged Remote Access—was published on GitHub.
CVE-2026-1731 is an OS command injection flaw (CVSS v4: 9.9) that lets an unauthenticated attacker execute arbitrary commands on a BeyondTrust Remote Support or Privileged Remote Access server. No credentials required. No user interaction needed. Low complexity to exploit.
Further details – https://nvd.nist.gov/vuln/detail/CVE-2026-1731

I am one of the editors here at www.systemtek.co.uk I am a UK based technology professional, with an interest in computer security and telecoms.
