MetasploitGet the latest Metasploit Framework update! It includes 2 new exploit modules targeting AVideo Encoder (Unauthenticated Command Injection) and FreePBX, along with LDAP query enhancements and 7 bug fixes. https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-03-20-2026/
Metasploit Wrap-Up 03/20/2026
The newest Metasploit Framework release (6.4.123) delivers 2 new exploit modules, 2 enhancements, and 7 bug fixes. Key additions include new exploit modules for: AVideo Encoder getImage.php Unauthenticated Command Injection (CVE-2026-29058). FreePBX filestore Authenticated Command Injection (CVE-2025-64328). Major enhancements include granular control for LDAP queries to skip querying SACL data on security descriptors for non-privileged users, and the addition of the new OptTimedelta datastore option type. Update your Metasploit Framework now with msfupdate.