Remote Code Execution Archives • Page 11 of 25 • Daily CyberSecurity

CVE-2025-64439: RCE Flaw Detected in LangGraph: Agent Orchestration Framework at Risk LangGraph RCE, Checkpoint Deserialization

CVE-2025-64439: RCE Flaw Detected in LangGraph: Agent Orchestration Framework at Risk

Do Son November 10, 2025

The LangGraph project, a powerful, low-level orchestration framework trusted by major tech companies for building stateful AI...

CISA Warns of Active Exploitation in XWiki and VMware Vulnerabilities n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

CISA Warns of Active Exploitation in XWiki and VMware Vulnerabilities

Do Son October 31, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two new flaws—CVE-2025-24893 in XWiki Platform and...

Chrome 148 lazy loading Chrome for Linux ARM64 Chrome 145 Update Chrome Security Fixes Chrome Security Update CVE-2026-1220 Chrome 144 Security Update CVE-2026-0899 Chrome Memory Safety, WebGPU UAF Chrome V8 Type Confusion, Google Updater Flaw Chrome V8 Flaw, CVE-2025-13042 Chrome V8, Type Confusion, Chrome 142 Update Chrome V8 Flaw, CVE-2025-12036 Chrome 141, WebGPU Overflow Google Chrome preloading Chrome, V8 vulnerability CVE-2025-9132 Chrome Security Update, Use-After-Free Chrome V8, Type Confusion Chrome Telemetry, Windows 10 EOL Microsoft Family Safety, Chrome Blocking Chrome Security Update, High-Severity Google Chrome, Antitrust CVE-2024-10487 and CVE-2024-10488 Google Chrome Root Program Chrome Update, CVE-2025-3619 Chrome Acquisition, Perplexity.ai

Chrome Update: New High-Severity Flaw in V8 Engine (CVE-2025-12036) Requires Immediate Patch

Do Son October 22, 2025

Google has released a Stable Channel update (version 141.0.7390.122/.123) for Windows, Mac, and Linux, addressing a high-severity...

7-Zip Flaw (CVE-2025-11001) with Public Exploit Code Threatens Unpatched Systems 7-Zip heap buffer overflow CVE-2025-0411 7-Zip path traversal

7-Zip Flaw (CVE-2025-11001) with Public Exploit Code Threatens Unpatched Systems

Do Son October 21, 2025

Researchers recently disclosed a path-traversal vulnerability (CVE-2025-11001) in the open-source archiver 7-Zip that allows attackers to craft...

CISA Emergency Alert: Critical Adobe AEM Flaw (CVE-2025-54253, CVSS 10.0) Under Active Exploitation CVE-2021-1435 Adobe AEM RCE, CVE-2025-54253

CISA Emergency Alert: Critical Adobe AEM Flaw (CVE-2025-54253, CVSS 10.0) Under Active Exploitation

Do Son October 16, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Adobe Experience Manager (AEM) vulnerability to...

OpenSSH Flaw (CVE-2025-61984) Allows Remote Code Execution via Usernames CVE-2023-48795 - Terrapin Attack OpenSSH RCE, ProxyCommand Injection

OpenSSH Flaw (CVE-2025-61984) Allows Remote Code Execution via Usernames

Do Son October 8, 2025

Security researcher David Leadbeater has disclosed a vulnerability in OpenSSH, identified as CVE-2025-61984, which highlights how even...

RCE Flaw CVE-2025-10547 in DrayTek Vigor Routers Allows Unauthenticated Root Access DrayTek Vigor RCE, CVE-2025-10547 Router security, TheMoon malware

DrayTek Vigor RCE, CVE-2025-10547 Router security, TheMoon malware

RCE Flaw CVE-2025-10547 in DrayTek Vigor Routers Allows Unauthenticated Root Access

Do Son October 6, 2025

A newly disclosed vulnerability in DrayTek’s Vigor routers, tracked as CVE-2025-10547, could allow remote attackers to execute...

Critical Flaw CVE-2025-49844 (CVSS 10.0) Allows Remote Code Execution in Redis Redis XACKDEL RCE, Google Big Sleep CVE-2023-41056 Redis licensing, AGPL Redis RCE, Lua Use-After-Free CVE-2025-49844

Redis XACKDEL RCE, Google Big Sleep CVE-2023-41056 Redis licensing, AGPL Redis RCE, Lua Use-After-Free CVE-2025-49844

Critical Flaw CVE-2025-49844 (CVSS 10.0) Allows Remote Code Execution in Redis

Do Son October 6, 2025

Redis, the popular open-source in-memory data store widely used for real-time analytics, caching, and message brokering, has...

CISA Warns of Critical RCE Flaw (CVE-2025-10659, CVSS 9.8) in Megasys Telenium Online Web Application WD Discovery Vulnerability CVE-2025-30248 binary-parser Vulnerability CVE-2026-1245 H3C RCE Vulnerability CVE-2025-60262 Telenium RCE, CVE-2025-10659 Fuel station security, ICS vulnerabilities FreePBX vulnerability CVE-2024-9478 & CVE-2024-9479 SysTrack Vulnerability, Privilege Escalation

WD Discovery Vulnerability CVE-2025-30248 binary-parser Vulnerability CVE-2026-1245 H3C RCE Vulnerability CVE-2025-60262 Telenium RCE, CVE-2025-10659 Fuel station security, ICS vulnerabilities FreePBX vulnerability CVE-2024-9478 & CVE-2024-9479 SysTrack Vulnerability, Privilege Escalation

CISA Warns of Critical RCE Flaw (CVE-2025-10659, CVSS 9.8) in Megasys Telenium Online Web Application

Do Son October 2, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory warning of a critical...

Critical RCE Flaw in Apache Fory’s Python Module (CVE-2025-61622) Apache Fory, RCE vulnerability

Critical RCE Flaw in Apache Fory’s Python Module (CVE-2025-61622)

Do Son September 30, 2025

The Apache Fory project, a high-performance multi-language serialization framework, has disclosed a critical vulnerability (CVE-2025-61622) that could...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

CVE-2025-58384 (CVSS 10): Critical RCE Flaw Found in Watchdoc Print Management Software

Do Son September 30, 2025

Doxense has issued an urgent security advisory addressing a critical remote code execution (RCE) vulnerability in its...

PoC Released for CVE-2025-41243 – A Spring Cloud Gateway Flaw with CVSS 10.0

Do Son September 22, 2025

Security researcher Ezzer17 published a clear, methodical write-up that walks through the root cause, the partial fixes,...

CVE-2025-9961: TP-Link Router Flaw Could Be Exploited for RCE, PoC Released TP-Link CWMP CVE-2025-9961

CVE-2025-9961: TP-Link Router Flaw Could Be Exploited for RCE, PoC Released

Do Son September 22, 2025

Security researchers at ByteRay have published a detailed exploitation write-up of CVE-2025-9961, a vulnerability in TP-Link’s CWMP...

CISA Warns of Malicious Listener Malware Exploiting Ivanti Endpoint Manager Mobile Cisco VPN Zero-Day, ASA Vulnerability Ivanti Vulnerabilities Wing FTP Server, RCE Exploit CVE-2024-9474 Exploited: LITTLELAMB.WOOLTEA Backdoor

Cisco VPN Zero-Day, ASA Vulnerability Ivanti Vulnerabilities Wing FTP Server, RCE Exploit CVE-2024-9474 Exploited: LITTLELAMB.WOOLTEA Backdoor

CISA Warns of Malicious Listener Malware Exploiting Ivanti Endpoint Manager Mobile

Do Son September 19, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has published a new Malware Analysis Report (MAR) detailing how...

Chrome Emergency Update: Zero-Day (CVE-2025-10585) in V8 Exploited in the Wild Chrome security update exploit in the wild Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Chrome security update exploit in the wild Chrome Zero-Day CVE-2026-3909 Chrome Zero-Day PoC CVE-2026-2441 Chrome Zero-Day CVE-2026-2441 Chrome Zero-Day, Active Exploitation CVE-2025-10585 Chrome vulnerability, zero-day exploit CVE-2025-6558 Chrome Zero-Day, V8 Vulnerability Chrome Zero-Day, Security Update

Chrome Emergency Update: Zero-Day (CVE-2025-10585) in V8 Exploited in the Wild

Do Son September 18, 2025

Google has released a Stable Channel update to version 140.0.7339.185/.186 for Windows and Mac, and 140.0.7339.185 for...

From Simple Bug to RCE: A Flaw (CVE-2025-21692) in the Linux Kernel, PoC Published Linux Kernel vulnerability CVE-2025-21692

From Simple Bug to RCE: A Flaw (CVE-2025-21692) in the Linux Kernel, PoC Published

Do Son September 18, 2025

Security researcher Volticks has published a deep technical writeup on CVE-2025-21692, a vulnerability in the Linux kernel’s...

CVE-2025-9242: Critical WatchGuard Flaw Allows Remote Code Execution WatchGuard Agent Privilege Escalation CVE-2026-6787 WatchGuard Vulnerability CVE-2026-1498 WatchGuard Firebox VPN Flaws, Command Injection WatchGuard Vulnerability CVE-2024-6592 and CVE-2024-6593

CVE-2025-9242: Critical WatchGuard Flaw Allows Remote Code Execution

Do Son September 17, 2025

WatchGuard has issued a security advisory addressing a critical vulnerability in its Fireware OS, tracked as CVE-2025-9242...

NVIDIA acquisition rumors NVIDIA AI Security AI Framework Vulnerabilities Nvidia 595.76 Hotfix NVIDIA Megatron Bridge vulnerability GPU vs ASIC AI battle NVIDIA Driver Vulnerability CVE-2025-33217 NVIDIA biggest TSMC customer 2026, NVIDIA vs Apple TSMC revenue share NVIDIA CUDA Toolkit CVE-2025-33228 Groq NVIDIA licensing deal, Jonathan Ross acquihire 2025 NeMo Code Injection, AI Framework RCE NVIDIA App Privilege Escalation, CVE-2025-23358 NVIDIA Security Update, DLS Vulnerability CVE-2025-23316 NVIDIA NVDebug, vulnerabilities NVIDIA Driver Vulnerabilities, vGPU Security Nvidia Jetson, UEFI Vulnerabilities CVE-2024-0130 - CVE-2024-0136 CVE-2024-0148 NVIDIA Driver Support, Windows 10 EOL

NVIDIA Patches Critical RCE Flaw (CVE-2025-23316, CVSS 9.8) in Triton Inference Server

Do Son September 17, 2025

NVIDIA has released a software update addressing multiple high- and critical-severity vulnerabilities in its Triton Inference Server,...

Multiple High-Severity Vulnerabilities Found in HPE Aruba Networking EdgeConnect SD-WAN Gateways HPE Aruba Private 5G Vulnerability CVE-2026-23595 HPE Instant On Vulnerability CVE-2025-37166 CVE-2024-31466 & CVE-2024-31467 HPE Aruba Networking, vulnerability

HPE Aruba Private 5G Vulnerability CVE-2026-23595 HPE Instant On Vulnerability CVE-2025-37166 CVE-2024-31466 & CVE-2024-31467 HPE Aruba Networking, vulnerability

Multiple High-Severity Vulnerabilities Found in HPE Aruba Networking EdgeConnect SD-WAN Gateways

Do Son September 17, 2025

HPE Aruba Networking has released patches addressing multiple high- and medium-severity vulnerabilities in its EdgeConnect SD-WAN Gateways,...

Samsung Zero-Day Exploit CVE-2025-21043 Patched After Active Attacks on Android Devices Samsung zero-day Samsung Galaxy S25 Edge, Sales Performance Samsung Account, Inactive Accounts One UI 7 Samsung Update

Samsung zero-day Samsung Galaxy S25 Edge, Sales Performance Samsung Account, Inactive Accounts One UI 7 Samsung Update

Samsung Zero-Day Exploit CVE-2025-21043 Patched After Active Attacks on Android Devices

Do Son September 15, 2025

Samsung has released security updates to patch a critical zero-day vulnerability actively exploited against Android devices. Tracked...