Remote Code Execution Archives • Page 19 of 25 • Daily CyberSecurity

CVE-2025-49596: Critical RCE Vulnerability in MCP Inspector Exposes AI Developer Environments MCP Inspector, RCE Vulnerability

CVE-2025-49596: Critical RCE Vulnerability in MCP Inspector Exposes AI Developer Environments

Do Son June 17, 2025

A newly disclosed security flaw in the MCP Inspector, a tool designed to test and debug Machine...

Unauthenticated RCE in BeyondTrust Tools: Chat Feature Opens Door to Server Takeover BeyondTrust RCE, Server-Side Template Injection

Unauthenticated RCE in BeyondTrust Tools: Chat Feature Opens Door to Server Takeover

Do Son June 17, 2025

BeyondTrust has issued an urgent security advisory for a high-severity vulnerability affecting its flagship products—Remote Support (RS)...

Zero-Click to Root: CISA Flags Active Exploits in Apple iOS and TP-Link Routers

Do Son June 17, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two high-risk vulnerabilities to its Known Exploited...

Zyxel Firewalls Under Attack via Critical CVE-2023-28771 Zyxel Firewall, CVE-2023-28771

Zyxel Firewalls Under Attack via Critical CVE-2023-28771

Do Son June 17, 2025

A sudden and coordinated wave of exploit attempts targeting a critical vulnerability in Zyxel firewalls has been...

Langflow Under Attacks: CVE-2025-3248 Exploited to Deliver Stealthy Flodrix Botnet CVE-2025-3248 PoC script execution

Langflow Under Attacks: CVE-2025-3248 Exploited to Deliver Stealthy Flodrix Botnet

Do Son June 16, 2025

Trend Micro has uncovered an active and sophisticated campaign exploiting a critical remote code execution (RCE) vulnerability...

Critical Blink Router Flaws (CVSS 9.8) Allow Remote Root Code Execution via Unauthenticated Attacks Blink Router, Critical Vulnerabilities

Critical Blink Router Flaws (CVSS 9.8) Allow Remote Root Code Execution via Unauthenticated Attacks

Do Son June 16, 2025

Five critical vulnerabilities—each scoring a CVSS of 9.8—have been disclosed in multiple models of Blink routers BL,...

libxml2 Flaws Exposed: Memory Corruption, RCE, & DoS Threats Uncovered libxml2 Vulnerabilities, XML Parsing

libxml2 Flaws Exposed: Memory Corruption, RCE, & DoS Threats Uncovered

Do Son June 16, 2025

The researchers disclosured four security vulnerabilities in libxml2, a widely used XML parsing library embedded in web...

Mitel OpenScape Flaw (CVE-2025-23092): High-Severity Path Traversal Allows Admin RCE Mitel OpenScape, Path Traversal

Mitel OpenScape Flaw (CVE-2025-23092): High-Severity Path Traversal Allows Admin RCE

Do Son June 14, 2025

A newly disclosed vulnerability in Mitel’s OpenScape Accounting Management platform has been assigned CVE-2025-23092 and rated High...

Critical Ricoh Streamline NX Flaw (CVSS 9.8) Allows SYSTEM-Level Code Execution Ricoh Streamline NX, Remote Code Execution

Critical Ricoh Streamline NX Flaw (CVSS 9.8) Allows SYSTEM-Level Code Execution

Do Son June 13, 2025

Ricoh has issued three security advisories addressing multiple serious vulnerabilities in its Streamline NX V3 PC Client,...

CVE-2025-5491: Acer Control Center Bug Allows Remote Code Execution as NT AUTHORITY\SYSTEM Acer ControlCenter, Privilege Escalation

CVE-2025-5491: Acer Control Center Bug Allows Remote Code Execution as NT AUTHORITY\SYSTEM

Do Son June 13, 2025

Acer has released a critical security update addressing a newly disclosed local privilege escalation vulnerability in its...

Urgent Bosch Alert: Critical RCE Flaw (CVSS 10.0) Exposes Dispatch & Matrix Software to Attack Bosch RCE, Critical Vulnerability

Urgent Bosch Alert: Critical RCE Flaw (CVSS 10.0) Exposes Dispatch & Matrix Software to Attack

Do Son June 13, 2025

Bosch has issued a critical security advisory addressing a severe remote code execution (RCE) vulnerability affecting its...

Urgent Firefox Alert: Critical Memory Corruption Flaws (CVSS 9.8) Allow Remote Code Execution Firefox Vulnerabilities

Urgent Firefox Alert: Critical Memory Corruption Flaws (CVSS 9.8) Allow Remote Code Execution

Do Son June 12, 2025

The Mozilla Foundation has issued an urgent security update for the Firefox web browser, addressing two critical...

Critical Trend Micro Apex Central Flaws: Pre-Auth RCE (CVSS 9.8) Threatens Your Security Trend Micro, RCE Vulnerability

Critical Trend Micro Apex Central Flaws: Pre-Auth RCE (CVSS 9.8) Threatens Your Security

Do Son June 12, 2025

Trend Micro has issued an urgent Critical Patch (CP B7007) for its Apex Central platform, addressing two...

Zero-Day Alert: Remotely Escalate Privileges to SYSTEM via Kerberos Relay – PoC Available Windows Zero-Day Kerberos relay

Zero-Day Alert: Remotely Escalate Privileges to SYSTEM via Kerberos Relay – PoC Available

Do Son June 12, 2025

A newly disclosed vulnerability, CVE-2025-33073, revealed by RedTeam Pentesting GmbH, exposes a critical flaw in Microsoft Windows’...

Flaws in Weidmueller IE-SR-2TX Routers Allow Remote Root Access! Weidmueller, Critical Vulnerabilities

Flaws in Weidmueller IE-SR-2TX Routers Allow Remote Root Access!

Do Son June 12, 2025

A recent coordinated security advisory issued by CERT@VDE and Weidmueller has disclosed three critical vulnerabilities affecting the...

Critical RCE Flaw (CVSS 9.8) in QNX SDP Exposes Automotive & IoT Systems to Attack! QNX Vulnerability, Remote Code Execution CVE-2025-2474

Critical RCE Flaw (CVSS 9.8) in QNX SDP Exposes Automotive & IoT Systems to Attack!

Do Son June 12, 2025

The QNX Software Development Platform (SDP)—a foundation of many embedded and real-time systems—has been found vulnerable to...

Avaya CMS Exposed to Unauthorized Remote Command Attacks: CVSS 9.9 Vulnerability Demands Urgent Fix Avaya CMS, Remote Command Execution

Avaya CMS Exposed to Unauthorized Remote Command Attacks: CVSS 9.9 Vulnerability Demands Urgent Fix

Do Son June 10, 2025

Avaya has issued a critical security advisory for its widely deployed Call Management System (CMS), warning customers...

CVSS 9.9: Critical XXE Flaw in GeoTools Exposes Geospatial Data Systems XXE Vulnerability

CVSS 9.9: Critical XXE Flaw in GeoTools Exposes Geospatial Data Systems

Do Son June 10, 2025

The GeoTools project, a popular open-source Java library used for geospatial data processing, has issued a critical...

Apache Kafka Clients at Risk: File Reads, SSRF, and RCE Exploits Trigger Urgent Security Fixes Kafka RCE JAAS vulnerability

Apache Kafka Clients at Risk: File Reads, SSRF, and RCE Exploits Trigger Urgent Security Fixes

Do Son June 9, 2025

The Apache Kafka Project has released security advisories addressing three important vulnerabilities affecting various versions of the...

Critical 9.6 CVSS RCE: ManageEngine Exchange Reporter Plus Vulnerability Discovered! CVE-2025-3835, Exchange Reporter Plus

Critical 9.6 CVSS RCE: ManageEngine Exchange Reporter Plus Vulnerability Discovered!

Do Son June 9, 2025

ManageEngine’s Exchange Reporter Plus, a widely-used web-based monitoring and reporting tool for Microsoft Exchange, has been found...

Critical Alert 4 Active Exploits Detected Today