rce Archives • Daily CyberSecurity

Splunk CVE-2026-20253: CVSS 9.8 RCE Exploited in the Wild Splunk CVE-2026-20253 remote code execution vulnerability diagram

Splunk CVE-2026-20253: CVSS 9.8 RCE Exploited in the Wild

Do Son June 18, 2026

The cybersecurity landscape faces a critical threat today. CISA confirmed active exploitation of Splunk CVE-2026-20253. Consequently,...

Vitest RCE Vulnerability (CVSS 9.8): Public PoC Disclosed for Testing Tool With 57M Weekly Downloads (CVE-2026-53633) Vitest RCE vulnerability CVE-2026-53633, Browser Mode RCE, config file overwrite Vitest remote code execution critical 9.8 CVSS flaws

Vitest RCE vulnerability CVE-2026-53633, Browser Mode RCE, config file overwrite Vitest remote code execution critical 9.8 CVSS flaws

Vitest RCE Vulnerability (CVSS 9.8): Public PoC Disclosed for Testing Tool With 57M Weekly Downloads (CVE-2026-53633)

Do Son June 16, 2026

A critical Vitest RCE vulnerability has put a hugely popular testing framework in the spotlight. Tracked as...

Jenkins RCE Vulnerability CVE-2026-53435 Now Under Active Exploitation Jenkins RCE vulnerability active exploitation, CVE-2026-53435, CVE-2026-53436, CVE-2026-53437 Jenkins - CVE-2024-43044 Jenkins vulnerability SSH host key reuse

Jenkins RCE vulnerability active exploitation, CVE-2026-53435, CVE-2026-53436, CVE-2026-53437 Jenkins - CVE-2024-43044 Jenkins vulnerability SSH host key reuse

Jenkins RCE Vulnerability CVE-2026-53435 Now Under Active Exploitation

Do Son June 15, 2026

Attackers are already abusing a critical Jenkins RCE vulnerability in the wild. Tracked as CVE-2026-53435, the flaw...

FreePBX RCE Vulnerabilities Threaten Telecom Servers FreePBX RCE vulnerabilities CVE-2025-66039, CVE-2025-61678, CVE-2025-61675

FreePBX RCE Vulnerabilities Threaten Telecom Servers

Do Son June 15, 2026

System administrators must immediately patch two critical FreePBX RCE vulnerabilities that expose voice over IP (VoIP) telephony...

CodeIgniter Vulnerability Enables Arbitrary Code Execution (CVSS 9.8) CodeIgniter vulnerability, arbitrary code execution, CVE-2026-48062, CVE-2024-47823 CVE-2023-32692 CodeIgniter RCE, ImageMagick Vulnerability

CodeIgniter vulnerability, arbitrary code execution, CVE-2026-48062, CVE-2024-47823 CVE-2023-32692 CodeIgniter RCE, ImageMagick Vulnerability

CodeIgniter Vulnerability Enables Arbitrary Code Execution (CVSS 9.8)

Do Son June 15, 2026

A serious CodeIgniter vulnerability has put many PHP web applications at risk. Tracked as CVE-2026-48062, the flaw...

HTTP.sys RCE vulnerability, Windows HTTP stack exploit, CVE-2026-47291 Netlogon RCE vulnerability Exploited in the wild Secure Boot certificate renewal 2026, Windows 11 UEFI update Community-First AI Infrastructure, Microsoft self-funding energy mandate aka.ms/aoh online portal CVE-2025-55681, Windows DWM Elevation Windows Administrator Protection, CVE-2025-60718 Microsoft AI Compute, IREN Infrastructure Microsoft Japan PPA, Renewable Energy Microsoft AI Investment, Cloud Expansion Microsoft Azure, Startup Credits Infinite Workday, AI in Work Microsoft Russia, Bankruptcy AI code generation, Microsoft AI Microsoft Layoffs, Restructuring

Millions at Risk: 9.8 CVSS Remote Code Execution in HTTP.sys

Do Son June 12, 2026

The tech world faces a severe threat today. Millions of users are currently at risk due to...

PhpSpreadsheet RCE Vulnerability: PoC Exploit Disclosed for 312 Million Users CVE-2026-45034 exploit PhpSpreadsheet RCE vulnerability PhpSpreadsheet CVE-2025-54370

CVE-2026-45034 exploit PhpSpreadsheet RCE vulnerability PhpSpreadsheet CVE-2025-54370

PhpSpreadsheet RCE Vulnerability: PoC Exploit Disclosed for 312 Million Users

Do Son June 11, 2026

PhpSpreadsheet is a widely used library written in pure PHP. It offers a robust set of classes...

Liquidjs CVSS 10 RCE Threatens 7.3M Monthly Users Liquidjs remote code execution template engine vulnerability

Liquidjs CVSS 10 RCE Threatens 7.3M Monthly Users

Do Son June 1, 2026

Security researchers recently uncovered a maximum-severity flaw in a highly popular template engine. Specifically, this newly disclosed...

Apache CXF Framework Patches Three Severe Security Flaws Apache CXF vulnerabilities, JNDI injection flaws, CVE-2026-50634, CVE-2026-50633, CVE-2026-50628 Apache CXF vulnerabilities

Apache CXF vulnerabilities, JNDI injection flaws, CVE-2026-50634, CVE-2026-50633, CVE-2026-50628 Apache CXF vulnerabilities

Apache CXF Framework Patches Three Severe Security Flaws

Do Son May 26, 2026

The Apache Software Foundation recently released critical updates for its popular web services framework. These updates address...

Poisoned Code: Stealthy Malicious Go Module Backdoor Discovered in Long-Running Typosquat

Do Son May 25, 2026

Open-source software repositories remain a top target for modern cybercriminals. Recently, Socket’s Threat Research Team uncovered a...

Fortra BoKS vulnerability OS command injection, CVE-2026-9862 Altium Enterprise Server Vulnerability CVE-2026-9129 Path Traversal Patreon OAuth Vulnerability Identity Collision DRC INSIGHT Vulnerability Exam Data Hijacking Horner Automation PLC Industrial Brute Force Honeywell IQ4x Vulnerability CVE-2026-3611 DJI Romo vacuum security flaw Python Cryptography Vulnerability CVE-2026-26007 Open5GS Vulnerability CVE-2026-0622 Vivotek IP7137 Vulnerabilities CVE-2025-66049 Forcepoint DLP Vulnerability CVE-2025-14026 Cellopoint Secure Email Gateway - CVE-2024-9043

Critical Altium Enterprise Server Flaws Grant RCE and Database Access

Do Son May 22, 2026

Altium Enterprise Server, the backbone platform used by engineering teams globally to manage complex printed circuit board...

Hundreds of Millions Affected: New “nginx-poolslip” Zero-Day Weaponizes ASLR Bypass for Remote Code Execution nginx-poolslip zero-day Nginx 1.31.0 RCE

nginx-poolslip zero-day Nginx 1.31.0 RCE

Hundreds of Millions Affected: New “nginx-poolslip” Zero-Day Weaponizes ASLR Bypass for Remote Code Execution

Do Son May 21, 2026

Just when the internet thought it was safe to breathe following the patching of the notorious nginx-rift...

Critical 9.8 CVSS: NVIDIA Triton Inference Server Authentication Bypass Threatens AI Workloads NVIDIA NeMo vulnerability CVE-2026-24155, CVE-2026-24252, CVE-2026-24228, code injection NVIDIA DALI vulnerabilities NVIDIA Driver Security Update CVE-2026-24187 Linux

NVIDIA NeMo vulnerability CVE-2026-24155, CVE-2026-24252, CVE-2026-24228, code injection NVIDIA DALI vulnerabilities NVIDIA Driver Security Update CVE-2026-24187 Linux

Critical 9.8 CVSS: NVIDIA Triton Inference Server Authentication Bypass Threatens AI Workloads

Do Son May 20, 2026

NVIDIA has released a software update for the NVIDIA Triton Inference Server to address a wave of...

PoC Exploit Publicly Disclosed: 20-Year-Old PostgreSQL pgcrypto Flaw (CVE-2026-2005) Grants Full Superuser RCE PostgreSQL pgcrypto PoC Exploit CVE-2026-2005 Public Disclosure

PostgreSQL pgcrypto PoC Exploit CVE-2026-2005 Public Disclosure

PoC Exploit Publicly Disclosed: 20-Year-Old PostgreSQL pgcrypto Flaw (CVE-2026-2005) Grants Full Superuser RCE

Do Son May 19, 2026

A critical heap buffer overflow vulnerability lurking in PostgreSQL’s core cryptographic extension for over two decades has...

Critical RCE Flaw in Apache Flink (CVE-2026-35194) Threatens TaskManagers CVE-2020-17519 Apache Flink Vulnerability CVE-2026-35194 RCE

Critical RCE Flaw in Apache Flink (CVE-2026-35194) Threatens TaskManagers

Do Son May 18, 2026

A critical severity vulnerability, tracked as CVE-2026-35194, has been disclosed in Apache Flink, exposing the distributed processing...

Critical Strapi Flaws Enable Unauthenticated Admin Takeover and Server RCE Strapi CMS Vulnerabilities CVE-2026-27886 Admin Takeover

Critical Strapi Flaws Enable Unauthenticated Admin Takeover and Server RCE

Do Son May 18, 2026

A pair of severe vulnerabilities discovered in Strapi, the widely used open-source headless Content Management System (CMS),...

Three Critical 9.4 CVSS Flaws Expose n8n Automation Nodes to Full RCE n8n Node RCE Vulnerabilities CVE-2026-44791 Prototype Pollution n8n RCE Vulnerabilities CVE-2026-27497 CVE-2026-25053 n8n RCE Vulnerability CVE-2026-21877 n8n RCE, CVE-2025-68613 n8n Git RCE, core.hooksPath Exploit

n8n Node RCE Vulnerabilities CVE-2026-44791 Prototype Pollution n8n RCE Vulnerabilities CVE-2026-27497 CVE-2026-25053 n8n RCE Vulnerability CVE-2026-21877 n8n RCE, CVE-2025-68613 n8n Git RCE, core.hooksPath Exploit

Three Critical 9.4 CVSS Flaws Expose n8n Automation Nodes to Full RCE

Do Son May 18, 2026

Technical teams using the popular workflow automation platform n8n are facing a high-stakes security advisory after researchers...

Critical 9.2 CVSS RCE Found in Amazon Redshift JDBC Driver Amazon Redshift JDBC Driver RCE CVE-2026-8178 AWS Bahrain fire 2026 AWS UAE data center fire Amazon North Korean hacker keystroke latency, Arizona laptop farm infiltration

Amazon Redshift JDBC Driver RCE CVE-2026-8178 AWS Bahrain fire 2026 AWS UAE data center fire Amazon North Korean hacker keystroke latency, Arizona laptop farm infiltration

Critical 9.2 CVSS RCE Found in Amazon Redshift JDBC Driver

Do Son May 15, 2026

Security teams are being urged to move quickly following the disclosure of a critical Remote Code Execution...

Critical 9.4 CVSS pgAdmin 4 Flaws Enable Full OS Command Execution pgAdmin 4 Vulnerabilities CVE-2026-7813 Authorization Bypass pgAdmin RCE, BOM Bypass Flaw