rce Archives • Page 10 of 30 • Daily CyberSecurity

Hackers Exploit Critical BeyondTrust Flaw to Deploy VShell and SparkRAT Across Multiple Sectors BeyondTrust Vulnerability CVE-2026-1731 UPBIT $369M Hack CVE-2024-55591 Ivanti VPN vulnerability, cyber espionage

BeyondTrust Vulnerability CVE-2026-1731 UPBIT $369M Hack CVE-2024-55591 Ivanti VPN vulnerability, cyber espionage

Hackers Exploit Critical BeyondTrust Flaw to Deploy VShell and SparkRAT Across Multiple Sectors

Do Son February 23, 2026

A critical security flaw in a widely used enterprise access platform is under active attack, prompting urgent...

Poisoned Pages: Critical Calibre Path Traversal Flaws Expose Readers to RCE Calibre Vulnerability CVE-2026-26065 Calibre RCE, FB2 File Flaw

Poisoned Pages: Critical Calibre Path Traversal Flaws Expose Readers to RCE

Do Son February 23, 2026

Calibre, the highly popular, cross-platform e-book manager utilized by readers worldwide to view, convert, edit, and catalog...

The Dev Environment Trap: 128 Million Users at Risk as Top VS Code Extensions Unmask Critical Flaws VS Code extension vulnerabilities 2026

The Dev Environment Trap: 128 Million Users at Risk as Top VS Code Extensions Unmask Critical Flaws

Do Son February 20, 2026

Ubiquitous extensions for Visual Studio Code, boasting a cumulative download count exceeding 128 million, have been unmasked...

PostgreSQL Fixes 5 Security Flaws Including Critical Code Execution Risks PostgreSQL Vulnerabilities CVE-2026-2006 PostgreSQL, security update CVE-2023-5869 - CVE-2025-1094

PostgreSQL Vulnerabilities CVE-2026-2006 PostgreSQL, security update CVE-2023-5869 - CVE-2025-1094

PostgreSQL Fixes 5 Security Flaws Including Critical Code Execution Risks

Do Son February 18, 2026

The PostgreSQL Global Development Group has issued a critical alert for database administrators worldwide, releasing a comprehensive...

AI Data at Risk: Critical Milvus Flaw (CVSS 9.8) Exposes Database via Port 9091 Milvus Vulnerability Vector Database Security

AI Data at Risk: Critical Milvus Flaw (CVSS 9.8) Exposes Database via Port 9091

Do Son February 16, 2026

A critical vulnerability has been discovered in Milvus, the high-performance vector database that powers many of the...

Billions at Risk: Critical Windows Notepad Flaw Allows Remote Code Execution Windows Notepad Vulnerability CVE-2026-20841 Notepad Markdown Tables Copilot Streaming

Windows Notepad Vulnerability CVE-2026-20841 Notepad Markdown Tables Copilot Streaming

Billions at Risk: Critical Windows Notepad Flaw Allows Remote Code Execution

Do Son February 11, 2026

It is the quintessential “harmless” application: Windows Notepad. But a newly discovered vulnerability has turned this humble...

4 Million Downloads at Risk: Critical Unstructured Flaw (CVSS 9.8) Allows RCE Unstructured Library Vulnerability CVE-2025-64712

4 Million Downloads at Risk: Critical Unstructured Flaw (CVSS 9.8) Allows RCE

Do Son February 6, 2026

A critical vulnerability has been discovered in the unstructured library, a powerhouse tool used by developers to...

Samsung MagicInfo9 Vulnerability CVE-2026-25202 Galaxy S26 benchmarks Samsung HBM4 NVIDIA certification Samsung Bixby Perplexity integration, One UI 8.5 AI assistant Samsung Taylor 2nm mass production, TSMC 2nm capacity constraint 2026 Samsung SATA SSD Discontinuation, SSD Market Shift Samsung SATA SSD Discontinuation, M.2 Market Shift Samsung Foundry 4nm Yield Tsavorite OPU Chip Order Samsung Project Moohan, Android XR Samsung OpenAI Partnership, AI Infrastructure Samsung Exynos 2600, 2nm GAA Tesla AI Chips, Samsung Foundry Deal Samsung Foldables, Galaxy Unpacked 2025 Samsung AI, Perplexity AI Samsung data breach Q990D firmware US tariffs

Signage Hijack: Samsung MagicInfo9 Flaws (CVSS 9.8) Expose Servers

Do Son February 5, 2026

Samsung’s MagicInfo9 Server, a widely used solution for managing digital signage displays, has been struck by a...

Gatekeeper Breached: 4 Critical Ingress-Nginx Flaws Risk Cluster Secrets Ingress-Nginx Vulnerability Kubernetes RCE Vulnerability CVE-2025-9708 Kubernetes Security, Image Builder Vulnerability CVE-2024-10220 - OPA Gatekeeper Bypass

Ingress-Nginx Vulnerability Kubernetes RCE Vulnerability CVE-2025-9708 Kubernetes Security, Image Builder Vulnerability CVE-2024-10220 - OPA Gatekeeper Bypass

Gatekeeper Breached: 4 Critical Ingress-Nginx Flaws Risk Cluster Secrets

Do Son February 3, 2026

For Kubernetes administrators, the Ingress-Nginx controller is the trusted gatekeeper, routing traffic from the wild internet to...

WiFi Hijack: Hikvision Patches Command Injection in DS-3WAP Access Points Hikvision Vulnerability CVE-2026-0709 Hikvision Vulnerability CVE-2025-66176 Hikvision, vulnerability Canada Hikvision Ban, National Security Hikvision firmware updates

Hikvision Vulnerability CVE-2026-0709 Hikvision Vulnerability CVE-2025-66176 Hikvision, vulnerability Canada Hikvision Ban, National Security Hikvision firmware updates

WiFi Hijack: Hikvision Patches Command Injection in DS-3WAP Access Points

Do Son February 3, 2026

Hikvision has rolled out a critical firmware update for its line of wireless access points (APs) to...

Check Point VPN vulnerability exploited in the wild Check Point VPN exploit CVE-2026-50751 zero-day Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

Exploited in the Wild: Critical Ivanti EPMM RCE Flaws (CVSS 9.8) Under Attack

Do Son January 30, 2026

Ivanti has issued an urgent security advisory confirming that attackers are actively exploiting critical vulnerabilities in its...

Safety Broken: PyTorch “Safe” Mode Bypassed by Critical RCE Flaw PyTorch vulnerability, CVE-2025-32434 CVE-2026-24747

Safety Broken: PyTorch “Safe” Mode Bypassed by Critical RCE Flaw

Do Son January 29, 2026

The development team behind PyTorch, the backbone of modern deep learning and AI research, has patched a...

CVE-2026-24765: PHPUnit Vulnerability Exposes CI/CD Pipelines to RCE PHPUnit RCE Poisoned Pipeline Execution PHPUnit Vulnerability CVE-2026-24765

PHPUnit RCE Poisoned Pipeline Execution PHPUnit Vulnerability CVE-2026-24765

CVE-2026-24765: PHPUnit Vulnerability Exposes CI/CD Pipelines to RCE

Do Son January 29, 2026

The maintainers of PHPUnit, the industry-standard testing framework for PHP, have released a critical security update to...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

CVE-2026-24002: Critical Sandbox Escape Turns Grist Spreadsheets into RCE Weapons

Do Son January 29, 2026

A seemingly innocent spreadsheet formula could be the key to compromising entire organizations, thanks to a critical...

CVE-2026-23830: Critical SandboxJS Flaw (CVSS 10) Allows Total Sandbox Escape

Do Son January 29, 2026

A perfect storm of missing checks has led to a maximum-severity vulnerability in SandboxJS, a library designed...

SolarWinds Web Help Desk Hit with Multiple RCE and Auth Bypass Vulnerabilities CVE-2024-23476 & CVE-2024-23479 SolarWinds Web Help Desk Unauthenticated RCE

CVE-2024-23476 & CVE-2024-23479 SolarWinds Web Help Desk Unauthenticated RCE

SolarWinds Web Help Desk Hit with Multiple RCE and Auth Bypass Vulnerabilities

Do Son January 28, 2026

Security researchers have disclosed a barrage of critical vulnerabilities in SolarWinds Web Help Desk (WHD) software. The...

Sandbox Shattered: Critical n8n Flaw (CVSS 9.9) Allows Remote Code Execution n8n Node RCE Vulnerabilities CVE-2026-44791 Prototype Pollution n8n RCE Vulnerabilities CVE-2026-27497 CVE-2026-25053 n8n RCE Vulnerability CVE-2026-21877 n8n RCE, CVE-2025-68613 n8n Git RCE, core.hooksPath Exploit

n8n Node RCE Vulnerabilities CVE-2026-44791 Prototype Pollution n8n RCE Vulnerabilities CVE-2026-27497 CVE-2026-25053 n8n RCE Vulnerability CVE-2026-21877 n8n RCE, CVE-2025-68613 n8n Git RCE, core.hooksPath Exploit

Sandbox Shattered: Critical n8n Flaw (CVSS 9.9) Allows Remote Code Execution

Do Son January 28, 2026

Security researcher Natan Nehorai of the JFrog Security Research Team has uncovered a critical Remote Code Execution...

HPE Aruba Patches High-Severity RCE and OpenSSL Flaws CVE-2024-42509 & CVE-2024-47460 HPE Aruba Fabric Composer CVE-2026-23592 Aruba AOS-CX CVE-2026-23813

CVE-2024-42509 & CVE-2024-47460 HPE Aruba Fabric Composer CVE-2026-23592 Aruba AOS-CX CVE-2026-23813

HPE Aruba Patches High-Severity RCE and OpenSSL Flaws

Do Son January 28, 2026

HPE Aruba Networking has released a critical security advisory urging administrators to patch their Fabric Composer software...

Pre-Auth RCE Risk: OpenSSL Patches High-Severity Stack Overflow (CVE-2025-15467) OpenSSL Vulnerability RSA Memory Leak OpenSSL Vulnerability CVE-2025-15467 CVE-2022-2274 OpenSSL Vulnerabilities, Timing Side-Channel