February 17, 2026
5 days ago
Summary
- Updated how web properties with multiple endpoints are displayed in the Platform web UI. They are now collected on a single hostname and port card instead of split across multiple cards.
- Redirect chains, including start and end points, are now shown on host service and web endpoint cards in the Platform web UI.
- Three new fingerprints for macOS, FortiClient EMS, and QuestDB.
- One new Rapid Response advisory and queries for BeyondTrust Remote Support and Privileged Remote Access Flaw Allows Pre-Authentication RCE [CVE-2026-1731].
Platform
-
To improve usability, when web properties have multiple endpoints they are now collected on a single hostname and port card instead of split across multiple cards.
-
Redirect chains are now shown on host service and web endpoint cards.
New fingerprints
Added the following fingerprints.
| Type | Name | Description | Query |
|---|---|---|---|
| operating_system | Apple macOS | This is a device running Apple macOS. | Platform query |
| software | Fortinet FortiClient Endpoint Management Server | This is a FortiClient Endpoint Management Server (EMS). EMS is a security management solution that enables scalable and centralized management of multiple endpoints. | Platform query |
| software | QuestDB | This is a QuestDB instance. QuestDB is an open-source time-series database. | Platform query |
Rapid Response
The Censys Rapid Response team published information about and queries for the following issue.
-
February 10 Advisory: BeyondTrust Remote Support and Privileged Remote Access Flaw Allows Pre-Authentication RCE [CVE-2026-1731]
- The following queries can be used to identify exposed BeyondTrust Remote Support and Privileged Remote Access instances. Not all of these services are necessarily vulnerable.
