Emerging Threat: (CVE-2026-40138 & CVE-2026-40139) BeyondTrust Remote Support Authentication Bypass
CVE-2026-40138 and CVE-2026-40139 are two pre-authentication vulnerabilities in the authentication subsystem of BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA), stemming from improper validation and processing of authentication data. Both carry a CVSS v3.1 base score of 9.2 (Critical).