February 2026 Vulnerability Report

Vulnerability-Lookup
,
1

We’ve just published the February Vulnerability Report, generated with data aggregated on Vulnerability-Lookup.

As usual, this report is possible thanks to the contributions of our amazing community, and projects such as MISP Project (@misp@misp-community.org ), rulezet, The Shadowserver Foundation, The Metasploit Project, and more (Tools – Vulnerability-Lookup).
Thank you! :folded_hands:

Read the full report here:

:backhand_index_pointing_right: Vulnerability Report - February 2026 – Vulnerability-Lookup

This report features a new section dedicated to detection rules (Suricata, Yara, Zeek, Sigma, etc.) found in the wild thanks to Rulezet (https://rulezet.org/).

:pushpin: Key highlights:

February 2026 was led by CVE-2026-1731 (CVE-2026-1731 - Vulnerability-Lookup), a Critical-severity issue affecting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA), with 158 sightings. It was followed closely by CVE-2026-2441 (CVE-2026-2441 - Vulnerability-Lookup) in Google Chrome with 143 sightings.

Microsoft-related vulnerabilities were also prominent in the top 10, including CVE-2026-20841 (CVE-2026-20841 - Vulnerability-Lookup) (Windows Notepad) and CVE-2026-21509 (CVE-2026-21509 - Vulnerability-Lookup) (Microsoft 365 Apps for Enterprise). Other heavily sighted entries spanned enterprise recovery and networking products such as Dell RecoverPoint for Virtual Machines (CVE-2026-22769 (CVE-2026-22769 - Vulnerability-Lookup)) and Cisco Catalyst SD-WAN Manager (CVE-2026-20127 (CVE-2026-20127 - Vulnerability-Lookup)), as well as platform and tooling ecosystems like Apple macOS (CVE-2026-20700), Ivanti Endpoint Manager Mobile (CVE-2026-1281 (CVE-2026-1281 - Vulnerability-Lookup)), and n8n (CVE-2026-25049 (CVE-2026-25049 - Vulnerability-Lookup)).

:backhand_index_pointing_right: Read the full report here:

:folded_hands: Thank you to all the contributors!

Don’t hesitate to create an account on the instance operated by CIRCL (Computer Incident Response Center Luxembourg):

:backhand_index_pointing_right: https://vulnerability.circl.lu/

:euro_banknote::european_union: Funding

The Federated European Team for Threat Analysis FETTA (EU Funding & Tenders Portal) aims to enhance Cyber Threat Intelligence (CTI) products across the EU, supporting coordinated reporting and reducing redundancy among SOCs and CSIRTs.

#CyberSecurity vulnerability vulnerabilityreport forecast

1 Like