Rapid responses
runZero’s Rapid Response program provides immediate detection and notification of emerging threats. Each Rapid Response includes a query to find matching assets, a trigger to analyze all inventories for exposure, and a corresponding blog post with the details of the issue. This program focuses on helping customers mitigate exposures before compromise.
Vulnerabilities covered by the Rapid Response program are replaced by more specific coverage as mitigations become available.
Latest Rapid Responses
| Date | Name | Type | Severity | Query | US SaaS Link | EU SaaS Link |
|---|---|---|---|---|---|---|
| 02/25/2026 | Rapid Response: Cisco Catalyst SD-WAN Controller & Manager Authentication Bypass (CVE-2026-20127) | assets | Info | hw:="Cisco vManage" OR os:="Cisco Viptela OS" | Link | Link |
| 02/19/2026 | Rapid Response: Grandstream GXP1600 Series VoIP Phone RCE (CVE-2026-2329) | assets | Critical | hw:="Grandstream GXP16__" AND (os_version:>0 AND os_version:<"1.0.7.81") | Link | Link |
| 02/18/2026 | Rapid Response: Dell RecoverPoint For Virtual Machines (CVE-2026-22769) | assets | Info | hw:="RecoverPoint for Virtual Machines" OR os:="EMC RecoverPoint" OR hw:="EMC RecoverPoint" | Link | Link |
| 02/09/2026 | Rapid Response: BeyondTrust Remote Support & Privileged Remote Access RCE (CVE-2026-1731) | services | Info | _asset.protocol:=http AND protocol:=http AND (product:="BeyondTrust Remote Support" OR product:="BeyondTrust Privileged Remote Access") AND _service.product:beyondtrust | Link | Link |
| 02/03/2026 | Rapid Response: Detected K8S Ingress-NGINX Instance | services | Info | (_asset.protocols:tls AND protocol:tls AND tls.issuer:="O=nil1" AND tls.subject:="O=nil2" AND tls.names:"%nginx%") | Link | Link |
| 02/02/2026 | Rapid Response: OpenClaw One-Click RCE Via Authentication Token (CVE-2026-25253) | software | Info | vendor:=OpenClaw product:=OpenClaw | Link | Link |
| 01/29/2026 | Rapid Response: Ivanti Endpoint Manager Mobile Multiple RCE (2026-01) | software | Info | vendor:=Ivanti AND product:="Endpoint Manager Mobile" | Link | Link |
| 01/28/2026 | Rapid Response: SolarWinds Web Help Desk Multiple Vulnerabilities (2026-01) | software | Info | vendor:=SolarWinds AND product:="Web Help Desk" | Link | Link |
| 01/27/2026 | Rapid Response: Multiple Fortinet Products Authentication Bypass (CVE-2026-24858) | assets | Info | os:="Fortinet FortiAnalyzer" OR hw:="Fortinet FortiManager" OR os:="Fortinet FortiProxy" OR (os:="Fortinet FortiOS" AND os_version:>0 AND ((os_version:>="7.0.0" AND os_version:<="7.0.18") OR (os_version:>="7.2.0" AND os_version:<="7.2.12") OR (os_version:>="7.4.0" AND os_version:<="7.4.10") OR (os_version:>="7.6.0" AND os_version:<="7.6.5"))) | Link | Link |
| 01/22/2026 | Rapid Response: Cisco Unified Communications Manager Remote Code Execution (CVE-2026-20045) | software | Info | vendor:=Cisco AND product:="Unified Communications Manager" | Link | Link |
Updated