Rapid responses
runZero’s Rapid Response program provides immediate detection and notification of emerging threats. Each Rapid Response includes a query to find matching assets, a trigger to analyze all inventories for exposure, and a corresponding blog post with the details of the issue. This program focuses on helping customers mitigate exposures before compromise.
Vulnerabilities covered by the Rapid Response program are replaced by more specific coverage as mitigations become available.
Latest Rapid Responses
| Date | Name | Type | Severity | Query | US SaaS Link | EU SaaS Link |
|---|---|---|---|---|---|---|
| 02/03/2026 | Rapid Response: Detected K8S Ingress-NGINX Instance | services | Info | (_asset.protocols:tls AND protocol:tls AND tls.issuer:="O=nil1" AND tls.subject:="O=nil2" AND tls.names:"%nginx%") | Link | Link |
| 02/02/2026 | Rapid Response: OpenClaw One-Click RCE Via Authentication Token (CVE-2026-25253) | software | Info | vendor:=OpenClaw product:=OpenClaw | Link | Link |
| 01/29/2026 | Rapid Response: Ivanti Endpoint Manager Mobile Multiple RCE (2026-01) | software | Info | vendor:=Ivanti AND product:="Endpoint Manager Mobile" | Link | Link |
| 01/28/2026 | Rapid Response: SolarWinds Web Help Desk Multiple Vulnerabilities (2026-01) | software | Info | vendor:=SolarWinds AND product:="Web Help Desk" | Link | Link |
| 01/27/2026 | Rapid Response: Multiple Fortinet Products Authentication Bypass (CVE-2026-24858) | assets | Info | os:="Fortinet FortiAnalyzer" OR hw:="Fortinet FortiManager" OR os:="Fortinet FortiProxy" OR (os:="Fortinet FortiOS" AND os_version:>0 AND ((os_version:>="7.0.0" AND os_version:<="7.0.18") OR (os_version:>="7.2.0" AND os_version:<="7.2.12") OR (os_version:>="7.4.0" AND os_version:<="7.4.10") OR (os_version:>="7.6.0" AND os_version:<="7.6.5"))) | Link | Link |
| 01/22/2026 | Rapid Response: Cisco Unified Communications Manager Remote Code Execution (CVE-2026-20045) | software | Info | vendor:=Cisco AND product:="Unified Communications Manager" | Link | Link |
Updated