66 articles tagged with "Rce"
CVE-2026-48095 in 7-Zip allows attackers to execute arbitrary code through malicious NTFS images. CVSS 8.8 - update to v26.01 immediately.
CVE-2026-23918 in Apache HTTP Server 2.4.66 lets attackers crash workers trivially or achieve remote code execution through a double-free in mod_http2. Upgrade to 2.4.67 immediately.
Security researchers disclose nginx-poolslip, an unpatched zero-day in NGINX 1.31.0 that defeats ASLR protection. Millions of servers at risk with no CVE or fix available yet.
Seven vulnerabilities including CVE-2026-2743 (CVSS 10.0) allow unauthenticated attackers to compromise SEPPMail secure email gateways, read all traffic, and establish persistent access. Patch to 15.0.4 immediately.
CVE-2026-42945 is a critical heap buffer overflow in NGINX's rewrite module that went undetected since 2008. CVSS 9.2 with public PoC available—patch now.
CVE-2026-45185 is a critical use-after-free vulnerability in Exim mail servers using GnuTLS. XBOW researchers call it one of the highest-caliber bugs found in Exim.
Microsoft's May 2026 Patch Tuesday addresses 120 vulnerabilities including 17 critical RCE flaws. No zero-days, but Word preview pane attacks and Netlogon bugs demand immediate attention.
Fortinet discloses CVE-2026-44277 and CVE-2026-26083, unauthenticated RCE flaws affecting FortiSandbox and FortiAuthenticator. Patch now before attackers weaponize these.
CVE-2026-44211 (CVSS 9.7) allowed malicious websites to hijack Cline's Kanban WebSocket server, exfiltrate workspace data, and execute arbitrary commands through the AI agent. Patched in v0.1.66.
Two vulnerabilities in AzuraCast radio automation software enable authenticated RCE via path traversal and unauthenticated account takeover through password reset poisoning. Upgrade to 0.23.6 now.
CVE-2026-23918 in Apache 2.4.66 lets attackers crash servers or achieve code execution with just two HTTP/2 frames. Upgrade to 2.4.67 immediately.
CVE-2026-0300 allows unauthenticated attackers to execute code as root on PA-Series and VM-Series firewalls. Patches coming May 13—here's how to mitigate now.
Critical ISE vulnerabilities let authenticated users escalate to root. Read-only admin accounts can execute arbitrary commands on underlying OS.
CVE-2026-34197 lets attackers execute arbitrary code via ActiveMQ's Jolokia API. CISA mandates federal patching by April 30 as exploitation peaks.
Critical code injection vulnerability (GHSA-xq3m-2v4x-88gg, CVSS 9.9) in protobuf.js allows arbitrary JavaScript execution via malicious schemas. Patch now.
CVE-2026-40478 bypasses Thymeleaf's expression protections, allowing attackers to execute arbitrary Java code through crafted template input. Upgrade to 3.1.4.RELEASE now.
Fortinet patches two critical FortiSandbox vulnerabilities allowing unauthenticated attackers to bypass authentication and execute code. Upgrade to 4.4.9 or 5.0.6 immediately.
Critical CVSS 9.8 command injection vulnerability in Totolink A7100RU routers enables unauthenticated remote code execution. Public exploit available, no patch released.
CVE-2026-39987 in Marimo Python notebooks allows unauthenticated RCE via terminal WebSocket. Attackers weaponized it within hours. Patch to 0.23.0 now.
CVE-2026-25776 (CVSS 9.8) enables remote code execution through Movable Type's Listing Framework. Affects versions 6.0+. Patches available for MT 9, 8.8, 8.0.
CVE-2026-39888 bypasses PraisonAI's Python sandbox via exception frame traversal. Attackers chain __traceback__ attributes to reach exec(). Patch to 1.5.115.
CVE-2026-34197 exposes Apache ActiveMQ to remote code execution via the Jolokia API. Horizon3 researcher used Claude to uncover the flaw in under 10 minutes. Patch now.
Critical code injection vulnerability CVE-2025-59528 in Flowise AI agent builder scores maximum CVSS 10.0 and is under active exploitation. Over 12,000 instances are publicly accessible.
AI-discovered vulnerabilities bypass all security policies including 'secure' mode. Most servers won't receive fixes until 2027 without manual intervention.
CVE-2026-34838 lets authenticated attackers achieve RCE on Group-Office CRM servers via insecure deserialization. Upgrade to patched versions immediately.
CVE-2026-2699 and CVE-2026-2701 combine to let unauthenticated attackers take over ShareFile Storage Zone Controllers. Patches available since March 10.
CVE-2026-35616 lets attackers bypass API authentication in FortiClient EMS 7.4.5-7.4.6 for unauthenticated RCE. Exploitation began March 31. Emergency hotfixes available.
CVE-2026-34938 lets attackers escape PraisonAI's three-layer Python sandbox to execute arbitrary OS commands. CVSS 10 — patch to version 1.5.90 immediately.
CVE-2026-32746 (CVSS 9.8) in GNU InetUtils telnetd enables unauthenticated root RCE via buffer overflow. FreeBSD, NetBSD, Citrix NetScaler affected.
Trend Micro ZDI disclosed a CVSS 9.8 flaw enabling device takeover via animated stickers. Telegram says the vulnerability doesn't exist. No patch until July 2026.
CVE-2026-21643 exploitation began March 26, six weeks after Fortinet's patch. Around 1,000 internet-exposed EMS instances remain vulnerable to unauthenticated RCE.
CVE-2026-33660 (CVSS 9.4) lets authenticated users escape n8n's AlaSQL sandbox via the Merge node. Over 615,000 public instances potentially vulnerable.
Critical deserialization flaw CVE-2026-4681 in PTC Windchill and FlexPLM threatens manufacturing sector. German federal police dispatched to warn companies of imminent exploitation.
n8n patches CVE-2026-27577, CVE-2026-27493, and two more sandbox escapes. One flaw allows unauthenticated attackers to execute commands via public form endpoints.
Three vulnerabilities in AVideo's CloneSite plugin chain together for unauthenticated remote code execution. CVE-2026-33478 has no patch available as attackers can extract admin credentials and inject OS commands.
CVE-2026-21992 scores CVSS 9.8 and allows unauthenticated remote code execution on Oracle Identity Manager and Web Services Manager. Patch immediately.
Veeam releases emergency patches for five critical RCE vulnerabilities (CVSS 9.9) affecting Backup & Replication. Domain users can fully compromise backup servers.
CVE-2025-68613 allows authenticated attackers to execute arbitrary code on n8n workflow servers. CISA gives federal agencies until March 25 to patch.
Critical command injection and SQL bypass vulnerabilities in Tencent's WeKnora LLM framework allow unauthenticated RCE. Patch to versions 0.2.10 and 0.2.12 now.
CVE-2026-28289 allows unauthenticated attackers to achieve full server compromise by sending a single crafted email. CVSS 10.0—patch to 1.8.207 now.
Critical insecure deserialization vulnerability in U-Office Force allows remote attackers to execute arbitrary code without authentication. CVSS 9.8, no patch available yet.
Critical CVE-2026-21902 in Junos OS Evolved allows remote attackers to gain root access on PTX routers via exposed anomaly detection service. Patch now.
CVE-2026-2251 is a CVSS 9.8 path traversal vulnerability in Xerox FreeFlow Core that enables unauthenticated remote code execution. Upgrade to version 8.1.0 now.
CVE-2025-40540 is a critical type confusion vulnerability in SolarWinds Serv-U with CVSS 9.1. Attackers with admin access can execute arbitrary code.
New n8n RCE flaw bypasses December patch through type confusion. CVSS 9.4 vulnerability enables unauthenticated command execution via malicious workflows.
CVE-2026-21643 allows unauthenticated attackers to chain SQL injection with command execution in FortiClient EMS. CVSS 9.8 affects version 7.4.4—upgrade to 7.4.5 immediately.
CVE-2026-1731 allows unauthenticated remote code execution on BeyondTrust Remote Support and Privileged Remote Access products. CVSS 9.9 vulnerability affects 11,000+ exposed instances.
CVE-2026-22778 chains a heap leak and buffer overflow in vLLM's video processing to achieve full RCE on AI inference servers. Patch to 0.14.1 now.