rce Archives • Page 7 of 30 • Daily CyberSecurity

Budibase Patches Critical RCE and SSRF Vulnerabilities Budibase RCE SSRF Vulnerability Budibase Vulnerabilities Authentication Bypass

Budibase Patches Critical RCE and SSRF Vulnerabilities

Do Son April 7, 2026

Budibase, the popular open-source low-code platform used by engineers to rapidly build internal tools, has released urgent...

10.0 CVSS Flaw in Kestra Grants Full Server Control Kestra RCE SQL Injection Vulnerability

10.0 CVSS Flaw in Kestra Grants Full Server Control

Do Son April 7, 2026

A critical security vulnerability has been unmasked in Kestra, the popular open-source, event-driven orchestration platform. The flaw,...

Ninja Forms Alert: Critical 9.8 RCE Vulnerability Under Active Attack Ninja Forms RCE WordPress Vulnerability

Ninja Forms Alert: Critical 9.8 RCE Vulnerability Under Active Attack

Do Son April 6, 2026

In a major alert for the WordPress community, a critical security flaw has been disclosed in the...

CVE-2026-34838 (CVSS 10): Critical RCE Flaw Uncovered in GroupOffice CRM GroupOffice RCE, Insecure Deserialization

CVE-2026-34838 (CVSS 10): Critical RCE Flaw Uncovered in GroupOffice CRM

Do Son April 6, 2026

In a significant discovery for enterprises and public sector organizations, a critical security vulnerability has been unmasked...

Critical RCE and SQLi Flaws Shatter mbCONNECT24 Industrial Security mbCONNECT24 Vulnerabilities Industrial RCE

Critical RCE and SQLi Flaws Shatter mbCONNECT24 Industrial Security

Do Son April 6, 2026

In a significant alert for the industrial automation sector, CERT@VDE has disclosed a series of high-severity vulnerabilities...

Exploit Code Live: Full Technical Details and PoC Disclosed for Critical CWP RCE Vulnerability CWP RCE PoC Disclosed

Exploit Code Live: Full Technical Details and PoC Disclosed for Critical CWP RCE Vulnerability

Do Son April 6, 2026

A severe security failure has been unearthed in Control Web Panel (CWP)—formerly known as CentOS Web Panel—that...

Double Agents in the Cloud: Unit 42 Unmasks Critical AI Vulnerabilities in Google Vertex AI Vertex AI Security AI Double Agents

Double Agents in the Cloud: Unit 42 Unmasks Critical AI Vulnerabilities in Google Vertex AI

Do Son April 6, 2026

As organizations race to integrate autonomous systems into their workflows, a new and subtle threat is emerging...

Under Active Attack: Critical 9.1 CVSS FortiClient EMS Flaw Exploited in the Wild Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

Under Active Attack: Critical 9.1 CVSS FortiClient EMS Flaw Exploited in the Wild

Do Son April 4, 2026

Security teams are on high alert as Fortinet confirms that a critical vulnerability in its FortiClient EMS...

The MuPDF Vulnerability Turning “Safe” PDFs into System Hijackers MuPDF RCE Integer Overflow

The MuPDF Vulnerability Turning “Safe” PDFs into System Hijackers

Do Son April 3, 2026

A significant security flaw has been unearthed in Artifex MuPDF, a popular framework prized for its speed...

Critical 9.8 CVSS RCE Vulnerabilities Exposed in Progress ShareFile Progress ShareFile RCE Storage Zones Controller

Critical 9.8 CVSS RCE Vulnerabilities Exposed in Progress ShareFile

Do Son April 3, 2026

A duo of severe security vulnerabilities has been uncovered in Progress ShareFile, a widely used managed file...

Critical 9.8 CVSS Flaw in Cisco SSM On-Prem Grants Unauthenticated Root Access Cisco SSM On-Prem Vulnerability CVE-2026-20160

Critical 9.8 CVSS Flaw in Cisco SSM On-Prem Grants Unauthenticated Root Access

Do Son April 2, 2026

Cisco has recently dropped a high-stakes security advisory regarding a critical vulnerability in its Smart Software Manager...

NocoBase Critical Alert: Sandbox Escape Grants Attackers Root Access NocoBase RCE Sandbox Escape

NocoBase Critical Alert: Sandbox Escape Grants Attackers Root Access

Do Son April 1, 2026

A critical vulnerability has been unearthed in NocoBase, the AI-powered platform designed for infinite extensibility. The flaw,...

NVIDIA Patches High-Severity “Insecure Deserialization” Flaws in BioNeMo Framework NVIDIA FLARE Vulnerability Federated Learning Security NVIDIA Jetson Linux Edge AI Security BioNeMo Vulnerability Insecure Deserialization NVIDIA RTX 50 Super delay NVIDIA Nsight Vulnerability Merlin Transformers4Rec NVIDIA AI Bubble $57 Billion Revenue H20 AI chip NVIDIA earnings Blackwell AI Nvidia DGX-1 Vulnerabilities CVE-2024-0143 NVIDIA Linux Gaming, VKD3D Performance

NVIDIA FLARE Vulnerability Federated Learning Security NVIDIA Jetson Linux Edge AI Security BioNeMo Vulnerability Insecure Deserialization NVIDIA RTX 50 Super delay NVIDIA Nsight Vulnerability Merlin Transformers4Rec NVIDIA AI Bubble $57 Billion Revenue H20 AI chip NVIDIA earnings Blackwell AI Nvidia DGX-1 Vulnerabilities CVE-2024-0143 NVIDIA Linux Gaming, VKD3D Performance

NVIDIA Patches High-Severity “Insecure Deserialization” Flaws in BioNeMo Framework

Do Son April 1, 2026

NVIDIA has issued an important security update for its BioNeMo Framework, a critical tool used by researchers...

PolyShell Exposed: Public PoC and Active Exploitation Disclosed for Critical Magento RCE as Automated Attacks Surge PolyShell Magento RCE Magento PolyShell REST API RCE CosmicSting (CVE-2024-34102) Magento Security Updates

PolyShell Exposed: Public PoC and Active Exploitation Disclosed for Critical Magento RCE as Automated Attacks Surge

Do Son April 1, 2026

Magento remains a titan in the e-commerce space, currently “estimated to be running on more than 130,000...

Vim Modeline Vulnerability: How a Crafted File Can Hijack Your System Vim RCE Modeline Vulnerability Vim RCE Modeline Sandbox Bypass

Vim Modeline Vulnerability: How a Crafted File Can Hijack Your System

Do Son April 1, 2026

The Vim project has issued a critical security advisory regarding a high-severity vulnerability that could allow attackers...

Public PoC Exploit and Full Details Disclosed for Nginx UI’s 9.4 CVSS Backup Flaw Backup Tampering Exploit

Public PoC Exploit and Full Details Disclosed for Nginx UI’s 9.4 CVSS Backup Flaw

Do Son March 31, 2026

The “one-click” simplicity of Nginx UI has hit a major security roadblock. Researchers have unveiled a critical...

Critical CrewAI Vulnerabilities Allow RCE and Sandbox Escapes via Prompt Injection CrewAI Vulnerabilities AI Agent Security

Critical CrewAI Vulnerabilities Allow RCE and Sandbox Escapes via Prompt Injection

Do Son March 31, 2026

The rapidly growing field of multi-agent AI systems has hit a significant security speed bump. A new...

The Instant Weaponization of Oracle’s 10.0 CVSS “Zero-Day-Like” Flaw PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

The Instant Weaponization of Oracle’s 10.0 CVSS “Zero-Day-Like” Flaw

Do Son March 31, 2026

The digital ink had barely dried on the disclosure of CVE-2026-21962 before threat actors began a relentless...

High-Severity RCE Discovered in Foreman’s WebSocket Proxy Foreman RCE Command Injection

High-Severity RCE Discovered in Foreman’s WebSocket Proxy

Do Son March 30, 2026

Security researchers have identified a high-severity vulnerability in Foreman, the popular open-source lifecycle management tool used by...

The Weakest Link: Popular Node.js Config Library “Convict” Hit by Prototype Pollution Prototype Pollution node-convict Vulnerability

The Weakest Link: Popular Node.js Config Library “Convict” Hit by Prototype Pollution

Do Son March 30, 2026

A critical vulnerability has been uncovered in node-convict, the widely used configuration management library designed to make...