PROBABLYPWNED
Home/Tag/Rce

Rce

84 articles tagged with "Rce"

WordPress Plugin RCE Under Mass Exploitation — 29K Attacks
Vulnerabilities4 min read

WordPress Plugin RCE Under Mass Exploitation — 29K Attacks

CVE-2026-3300 in Everest Forms Pro allows unauthenticated attackers to execute PHP code via eval() injection. Over 29,300 exploit attempts blocked since April despite patch availability.

Vulnerability DeskJun 6, 2026
Flowise One-Click RCE — Import a Chatflow, Lose Your Server
Vulnerabilities3 min read

Flowise One-Click RCE — Import a Chatflow, Lose Your Server

CVE-2026-40933 (CVSS 9.9) allows attackers to compromise self-hosted Flowise AI agent builders by tricking users into importing a malicious chatflow. The payload executes during import without user action.

Vulnerability DeskMay 31, 2026
Apache HTTP/2 Double-Free Enables DoS and RCE
Vulnerabilities4 min read

Apache HTTP/2 Double-Free Enables DoS and RCE

CVE-2026-23918 in Apache HTTP Server 2.4.66 lets attackers crash workers trivially or achieve remote code execution through a double-free in mod_http2. Upgrade to 2.4.67 immediately.

Vulnerability DeskMay 23, 2026
SEPPMail Gateway Flaws Enable Complete Mail System Takeover
Vulnerabilities4 min read

SEPPMail Gateway Flaws Enable Complete Mail System Takeover

Seven vulnerabilities including CVE-2026-2743 (CVSS 10.0) allow unauthenticated attackers to compromise SEPPMail secure email gateways, read all traffic, and establish persistent access. Patch to 15.0.4 immediately.

Vulnerability DeskMay 20, 2026
Microsoft Fixes 120 Flaws in May Patch Tuesday, 17 Critical
Vulnerabilities3 min read

Microsoft Fixes 120 Flaws in May Patch Tuesday, 17 Critical

Microsoft's May 2026 Patch Tuesday addresses 120 vulnerabilities including 17 critical RCE flaws. No zero-days, but Word preview pane attacks and Netlogon bugs demand immediate attention.

Vulnerability DeskMay 13, 2026
FortiSandbox Auth Bypass and RCE Flaws Score CVSS 9.1
Vulnerabilities3 min read

FortiSandbox Auth Bypass and RCE Flaws Score CVSS 9.1

Fortinet patches two critical FortiSandbox vulnerabilities allowing unauthenticated attackers to bypass authentication and execute code. Upgrade to 4.4.9 or 5.0.6 immediately.

Vulnerability DeskApr 18, 2026
13-Year-Old ActiveMQ Bug Found by Claude AI Enables RCE
Vulnerabilities4 min read

13-Year-Old ActiveMQ Bug Found by Claude AI Enables RCE

CVE-2026-34197 exposes Apache ActiveMQ to remote code execution via the Jolokia API. Horizon3 researcher used Claude to uncover the flaw in under 10 minutes. Patch now.

Vulnerability DeskApr 8, 2026
PraisonAI Sandbox Bypass Scores Perfect CVSS 10
Vulnerabilities3 min read

PraisonAI Sandbox Bypass Scores Perfect CVSS 10

CVE-2026-34938 lets attackers escape PraisonAI's three-layer Python sandbox to execute arbitrary OS commands. CVSS 10 — patch to version 1.5.90 immediately.

Vulnerability DeskApr 4, 2026