Remote Code Execution Archives • Page 4 of 25 • Daily CyberSecurity

10.0 CVE-2026-40342: CVSS 10.0 Path Traversal to RCE in Firebird Database Firebird Database RCE CVE-2026-40342

10.0 CVE-2026-40342: CVSS 10.0 Path Traversal to RCE in Firebird Database

Do Son April 22, 2026

Researchers have disclosed a critical-severity vulnerability in Firebird, the long-standing relational database with roots dating back to...

Critical Rclone Critical Vulnerability Alert: Public PoC Released for Administrative Auth Bypass and RCE rclone command execution execute local commands Rclone RCE CVE-2026-41176

rclone command execution execute local commands Rclone RCE CVE-2026-41176

Critical Rclone Critical Vulnerability Alert: Public PoC Released for Administrative Auth Bypass and RCE

Do Son April 20, 2026

The cybersecurity community is on high alert following the public disclosure of two critical vulnerabilities in Rclone,...

Critical Critical Pre-Auth RCE Found in OpenAM Identity Platform OpenAM RCE CVE-2026-33439

Critical Critical Pre-Auth RCE Found in OpenAM Identity Platform

Do Son April 17, 2026

OpenAM, the widely-deployed open-source access management solution, is facing a critical security challenge following the discovery of...

Critical CISA Adds Critical Apache ActiveMQ RCE Flaw to KEV Catalog CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953

Critical CISA Adds Critical Apache ActiveMQ RCE Flaw to KEV Catalog

Do Son April 17, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive after adding a high-severity vulnerability...

10 CVE-2026-38526: Critical CVSS 10 Vulnerability Discovered in Krayin CRM Krayin CRM RCE CVE-2026-38526

10 CVE-2026-38526: Critical CVSS 10 Vulnerability Discovered in Krayin CRM

Do Son April 16, 2026

A maximum-severity security flaw has been unearthed in Krayin CRM, a popular open-source framework built on Laravel...

9.9 Cisco Patches Critical CVSS 9.9 RCE Flaws in Identity Services Engine Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

9.9 Cisco Patches Critical CVSS 9.9 RCE Flaws in Identity Services Engine

Do Son April 16, 2026

Cisco has issued a critical security advisory regarding its Identity Services Engine (ISE), warning of a pair...

Splunk Issues Urgent Fixes for RCE and Clear-Text Token Leaks

Do Son April 16, 2026

Splunk has released a series of security advisories detailing two significant vulnerabilities impacting Splunk Enterprise, Splunk Cloud...

Critical Adobe Rushes Patches for Critical ColdFusion RCE and Security Bypasses ColdFusion RCE Adobe Security Patch

Critical Adobe Rushes Patches for Critical ColdFusion RCE and Security Bypasses

Do Son April 15, 2026

Adobe has released an urgent set of security updates to address multiple vulnerabilities within its ColdFusion 2025...

9.8 CVE-2026-4631: Critical 9.8 RCE Flaw in Cockpit Allows Unauthenticated Server Takeover Cockpit RCE CVE-2026-4631

9.8 CVE-2026-4631: Critical 9.8 RCE Flaw in Cockpit Allows Unauthenticated Server Takeover

Do Son April 14, 2026

In the world of Linux server management, ease of use and security are intended to go hand-in-hand....

Critical Critical 9.8 RCE Flaw in Qlik Talend Threatens Enterprise Data Pipelines CVE-2023-48365 Talend JobServer RCE JMX Port Vulnerability

Critical Critical 9.8 RCE Flaw in Qlik Talend Threatens Enterprise Data Pipelines

Do Son April 14, 2026

QlikTech has issued an urgent security advisory regarding a critical vulnerability in Talend JobServer and Talend Runtime...

Maximum Severity RCE Vulnerability Decimating Paperclip AI Instances Paperclip RCE AI Agent Security Paperclip RCE Cross-Tenant AI Takeover

Paperclip RCE AI Agent Security Paperclip RCE Cross-Tenant AI Takeover

Maximum Severity RCE Vulnerability Decimating Paperclip AI Instances

Do Son April 14, 2026

Paperclip—a Node.js and React-based platform—has become a popular choice for businesses looking to deploy teams of AI...

Critical Supply Chain Alert: Critical 9.4 CVSS RCE Hits Sonatype Nexus Repository Manager Nexus Repository RCE Supply Chain Security Nexus Repository Manager - CVE-2024-5082 & CVE-2024-5083

Critical Supply Chain Alert: Critical 9.4 CVSS RCE Hits Sonatype Nexus Repository Manager

Do Son April 13, 2026

Security teams across the globe are being urged to move quickly as Sonatype has disclosed a critical...

Critical Mitel Patches Critical SQL Injection and Privilege Escalation in MiCollab Mitel MiCollab SQL Injection MiCollab software - CVE-2024-47223 & CVE-2024-41713

Mitel MiCollab SQL Injection MiCollab software - CVE-2024-47223 & CVE-2024-41713

Critical Mitel Patches Critical SQL Injection and Privilege Escalation in MiCollab

Do Son April 9, 2026

Mitel has issued an urgent security advisory for its MiCollab platform, warning of two distinct vulnerabilities that,...

Weaver E-cology RCE CVE-2026-22679 CVE-2026-20127 Cisco SD-WAN Exploitation AI-Driven Cyberattack ARXON Malware React Server Components Vulnerability CVE-2025-55182 FortiWeb Auth Bypass, Unauthenticated Admin Takeover RayInitiator Bootkit, LINE VIPER CVE-2025-59689 Department of the Treasury cybersecurity - CVE-2025-0108 PoC CVE-2025-31103 Dior Data Breach SK Telecom data breach, long-term intrusion

Critical Critical Zero-Day: Unauthenticated RCE Exploited in Weaver E-cology 10.0

Do Son April 8, 2026

A critical security vulnerability, tracked as CVE-2026-22679, has been identified in Weaver (Fanwei) E-cology 10.0, one of...

Critical Critical 9.8 CVSS RCE Vulnerabilities Exposed in Progress ShareFile Progress ShareFile RCE Storage Zones Controller

Critical Critical 9.8 CVSS RCE Vulnerabilities Exposed in Progress ShareFile

Do Son April 3, 2026

A duo of severe security vulnerabilities has been uncovered in Progress ShareFile, a widely used managed file...

Critical Critical 9.2 Severity Flaw in Gigabyte Control Center Exposed Gigabyte Control Center CVE-2026-4415

Critical Critical 9.2 Severity Flaw in Gigabyte Control Center Exposed

Do Son April 2, 2026

According to a security advisory promulgated by Gigabyte, the Gigabyte Control Center (GCC) is affected by an...

Ghost in the Drone: Unauthenticated Shell Access in PX4 Autopilot’s 9.8 CVSS Nightmare PX4 Autopilot Vulnerability MAVLink 2.0 Security

Ghost in the Drone: Unauthenticated Shell Access in PX4 Autopilot’s 9.8 CVSS Nightmare

Do Son April 1, 2026

A critical security advisory has been issued for the PX4 Autopilot system. The vulnerability, tracked as CVE-2026-1579,...

The Instant Weaponization of Oracle’s 10.0 CVSS “Zero-Day-Like” Flaw PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

PAN-OS Root RCE CL-STA-1132 Exploitation Tianxin RCE CVE-2021-4473 React Native Supply Chain Attack AstrOOnauta Malware Gladinet Zero-Day, LFI RCE Chain WordPress Theme, Account Takeover CVE-2024-50623 - European Space Agency cyberattack

The Instant Weaponization of Oracle’s 10.0 CVSS “Zero-Day-Like” Flaw

Do Son March 31, 2026

The digital ink had barely dried on the disclosure of CVE-2026-21962 before threat actors began a relentless...

Critical Critical 9.3 CVSS RCE Vulnerability Hit in OpenTelemetry Java Agent OpenTelemetry Java Vulnerability Java RCE Exploit

Critical Critical 9.3 CVSS RCE Vulnerability Hit in OpenTelemetry Java Agent

Do Son March 30, 2026

A critical vulnerability has been uncovered in the OpenTelemetry Instrumentation for Java, a popular tool used by...

High Vim Under Fire: High-Severity “Tabpanel” Bug Allows RCE via Simple File Open Vim RCE Modeline Vulnerability Vim RCE Modeline Sandbox Bypass

High Vim Under Fire: High-Severity “Tabpanel” Bug Allows RCE via Simple File Open

Do Son March 30, 2026

A critical bug chain has been discovered in Vim, the ubiquitous text editor used by millions of...