rce

Under Active Attack: Critical 9.1 CVSS FortiClient EMS Flaw Exploited in the Wild Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

Under Active Attack: Critical 9.1 CVSS FortiClient EMS Flaw Exploited in the Wild

Ddos April 4, 2026

Security teams are on high alert as Fortinet confirms that a critical vulnerability in its FortiClient EMS...

The MuPDF Vulnerability Turning “Safe” PDFs into System Hijackers MuPDF RCE Integer Overflow

MuPDF RCE Integer Overflow

The MuPDF Vulnerability Turning “Safe” PDFs into System Hijackers

Ddos April 3, 2026

A significant security flaw has been unearthed in Artifex MuPDF, a popular framework prized for its speed...

Critical 9.8 CVSS RCE Vulnerabilities Exposed in Progress ShareFile Progress ShareFile RCE Storage Zones Controller

Progress ShareFile RCE Storage Zones Controller

Critical 9.8 CVSS RCE Vulnerabilities Exposed in Progress ShareFile

Ddos April 3, 2026

A duo of severe security vulnerabilities has been uncovered in Progress ShareFile, a widely used managed file...

Critical 9.8 CVSS Flaw in Cisco SSM On-Prem Grants Unauthenticated Root Access Cisco SSM On-Prem Vulnerability CVE-2026-20160

Cisco SSM On-Prem Vulnerability CVE-2026-20160

Critical 9.8 CVSS Flaw in Cisco SSM On-Prem Grants Unauthenticated Root Access

Ddos April 2, 2026

Cisco has recently dropped a high-stakes security advisory regarding a critical vulnerability in its Smart Software Manager...

NocoBase Critical Alert: Sandbox Escape Grants Attackers Root Access NocoBase RCE Sandbox Escape

NocoBase RCE Sandbox Escape

NocoBase Critical Alert: Sandbox Escape Grants Attackers Root Access

Ddos April 1, 2026

A critical vulnerability has been unearthed in NocoBase, the AI-powered platform designed for infinite extensibility. The flaw,...

NVIDIA Patches High-Severity “Insecure Deserialization” Flaws in BioNeMo Framework NVIDIA FLARE Vulnerability Federated Learning Security NVIDIA Jetson Linux Edge AI Security BioNeMo Vulnerability Insecure Deserialization NVIDIA RTX 50 Super delay NVIDIA Nsight Vulnerability Merlin Transformers4Rec NVIDIA AI Bubble $57 Billion Revenue H20 AI chip NVIDIA earnings Blackwell AI Nvidia DGX-1 Vulnerabilities CVE-2024-0143 NVIDIA Linux Gaming, VKD3D Performance

NVIDIA FLARE Vulnerability Federated Learning Security NVIDIA Jetson Linux Edge AI Security BioNeMo Vulnerability Insecure Deserialization NVIDIA RTX 50 Super delay NVIDIA Nsight Vulnerability Merlin Transformers4Rec NVIDIA AI Bubble $57 Billion Revenue H20 AI chip NVIDIA earnings Blackwell AI Nvidia DGX-1 Vulnerabilities CVE-2024-0143 NVIDIA Linux Gaming, VKD3D Performance

NVIDIA Patches High-Severity “Insecure Deserialization” Flaws in BioNeMo Framework

Ddos April 1, 2026

NVIDIA has issued an important security update for its BioNeMo Framework, a critical tool used by researchers...

PolyShell Exposed: Public PoC and Active Exploitation Disclosed for Critical Magento RCE as Automated Attacks Surge PolyShell Magento RCE Magento PolyShell REST API RCE CosmicSting (CVE-2024-34102) Magento Security Updates

PolyShell Magento RCE Magento PolyShell REST API RCE CosmicSting (CVE-2024-34102) Magento Security Updates

PolyShell Exposed: Public PoC and Active Exploitation Disclosed for Critical Magento RCE as Automated Attacks Surge

Ddos April 1, 2026

Magento remains a titan in the e-commerce space, currently “estimated to be running on more than 130,000...

Vim Modeline Vulnerability: How a Crafted File Can Hijack Your System Vim RCE Modeline Vulnerability Vim RCE Modeline Sandbox Bypass

Vim RCE Modeline Vulnerability Vim RCE Modeline Sandbox Bypass

Vim Modeline Vulnerability: How a Crafted File Can Hijack Your System

Ddos April 1, 2026

The Vim project has issued a critical security advisory regarding a high-severity vulnerability that could allow attackers...

Public PoC Exploit and Full Details Disclosed for Nginx UI’s 9.4 CVSS Backup Flaw Backup Tampering Exploit

Backup Tampering Exploit

Public PoC Exploit and Full Details Disclosed for Nginx UI’s 9.4 CVSS Backup Flaw

Ddos March 31, 2026

The “one-click” simplicity of Nginx UI has hit a major security roadblock. Researchers have unveiled a critical...

Critical CrewAI Vulnerabilities Allow RCE and Sandbox Escapes via Prompt Injection CrewAI Vulnerabilities AI Agent Security

CrewAI Vulnerabilities AI Agent Security

Critical CrewAI Vulnerabilities Allow RCE and Sandbox Escapes via Prompt Injection

Ddos March 31, 2026

The rapidly growing field of multi-agent AI systems has hit a significant security speed bump. A new...

The Instant Weaponization of Oracle’s 10.0 CVSS “Zero-Day-Like” Flaw PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

The Instant Weaponization of Oracle’s 10.0 CVSS “Zero-Day-Like” Flaw

Ddos March 31, 2026

The digital ink had barely dried on the disclosure of CVE-2026-21962 before threat actors began a relentless...

High-Severity RCE Discovered in Foreman’s WebSocket Proxy Foreman RCE Command Injection

Foreman RCE Command Injection

High-Severity RCE Discovered in Foreman’s WebSocket Proxy

Ddos March 30, 2026

Security researchers have identified a high-severity vulnerability in Foreman, the popular open-source lifecycle management tool used by...

The Weakest Link: Popular Node.js Config Library “Convict” Hit by Prototype Pollution Prototype Pollution node-convict Vulnerability

Prototype Pollution node-convict Vulnerability

The Weakest Link: Popular Node.js Config Library “Convict” Hit by Prototype Pollution

Ddos March 30, 2026

A critical vulnerability has been uncovered in node-convict, the widely used configuration management library designed to make...

Critical 9.3 CVSS RCE Vulnerability Hit in OpenTelemetry Java Agent OpenTelemetry Java Vulnerability Java RCE Exploit

OpenTelemetry Java Vulnerability Java RCE Exploit

Critical 9.3 CVSS RCE Vulnerability Hit in OpenTelemetry Java Agent

Ddos March 30, 2026

A critical vulnerability has been uncovered in the OpenTelemetry Instrumentation for Java, a popular tool used by...

The 30-Year Glitch: RCE and ARM Exploits Uncovered in libpng Reference Library libpng Vulnerability CVE-2026-25646 libpng Vulnerability Remote Code Execution (RCE)

libpng Vulnerability CVE-2026-25646 libpng Vulnerability Remote Code Execution (RCE)

The 30-Year Glitch: RCE and ARM Exploits Uncovered in libpng Reference Library

Ddos March 30, 2026

Security researchers have disclosed two significant vulnerabilities in libpng, the official reference library for Portable Network Graphics...

Vim Under Fire: High-Severity “Tabpanel” Bug Allows RCE via Simple File Open Vim RCE Modeline Vulnerability Vim RCE Modeline Sandbox Bypass

Vim RCE Modeline Vulnerability Vim RCE Modeline Sandbox Bypass

Vim Under Fire: High-Severity “Tabpanel” Bug Allows RCE via Simple File Open

Ddos March 30, 2026

A critical bug chain has been discovered in Vim, the ubiquitous text editor used by millions of...

Critical libfuse io_uring Vulnerabilities Threaten Linux and Kubernetes Infrastructure libfuse vulnerability io_uring exploit

libfuse vulnerability io_uring exploit

Critical libfuse io_uring Vulnerabilities Threaten Linux and Kubernetes Infrastructure

Ddos March 30, 2026

The FUSE (Filesystem in Userspace) project, a staple of the Linux ecosystem that allows non-privileged users to...

SQL to SSH: Critical 9.1 CVSS RCE in Grafana Turns Monitoring into a Remote Hijack CVE-2022-29170 Grafana RCE SQL Expressions Flaw

CVE-2022-29170 Grafana RCE SQL Expressions Flaw

SQL to SSH: Critical 9.1 CVSS RCE in Grafana Turns Monitoring into a Remote Hijack

Ddos March 29, 2026

The Grafana team has released an urgent security advisory following the discovery of two significant vulnerabilities that...

CISA Issues Three-Days Patch Mandate for Critical 9.8 F5 BIG-IP RCE State-Sponsored Exploitation CISA KEV Catalog F5 BIG-IP RCE CISA KEV Catalog SolarWinds WHD Exploit CVE-2025-40551 Zimbra XSS Zero-Day CVE-2025-27915 Exploited Windows Security Vulnerabilities

State-Sponsored Exploitation CISA KEV Catalog F5 BIG-IP RCE CISA KEV Catalog SolarWinds WHD Exploit CVE-2025-40551 Zimbra XSS Zero-Day CVE-2025-27915 Exploited Windows Security Vulnerabilities

CISA Issues Three-Days Patch Mandate for Critical 9.8 F5 BIG-IP RCE

Ddos March 29, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical Remote Code Execution (RCE) vulnerability...

Critical 9.4 CVSS RCE Flaws in n8n Turn Workflows into Backdoors n8n RCE Automation Security n8n Vulnerability Prototype Pollution RCE

n8n RCE Automation Security n8n Vulnerability Prototype Pollution RCE

Critical 9.4 CVSS RCE Flaws in n8n Turn Workflows into Backdoors

Ddos March 27, 2026

Security researchers have disclosed two critical vulnerabilities in n8n, the popular fair-code workflow automation platform used by...