Remote Code Execution Archives • Page 6 of 25 • Daily CyberSecurity

Industrial Alert: Urgent Apache IoTDB Patches Fix RCE and “Open Door” Default Flaws Apache IoTDB JEXL injection Apache IoTDB, Security Vulnerabilities

Apache IoTDB JEXL injection Apache IoTDB, Security Vulnerabilities

Industrial Alert: Urgent Apache IoTDB Patches Fix RCE and “Open Door” Default Flaws

Do Son March 9, 2026

The Apache Software Foundation has issued an urgent security advisory for Apache IoTDB, the high-performance time-series database...

Critical Critical 9.4 CVSS Zephyr RTOS Flaw Exposes Millions of IoT Devices to RCE Zephyr RTOS Vulnerability CVE-2026-1678

Critical Critical 9.4 CVSS Zephyr RTOS Flaw Exposes Millions of IoT Devices to RCE

Do Son March 9, 2026

Security researchers have disclosed a critical memory-safety vulnerability in the Zephyr Project, a high-profile, scalable real-time operating...

Critical Critical 10.0 CVSS Flaw in Cisco Secure FMC Hands Hackers Root Access to Enterprise Firewalls Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

Critical Critical 10.0 CVSS Flaw in Cisco Secure FMC Hands Hackers Root Access to Enterprise Firewalls

Do Son March 5, 2026

Cybersecurity researchers have identified a critical vulnerability in Cisco Secure Firewall Management Center (FMC) Software, the administrative...

10.0 CVSS 10.0 Unauthenticated Remote Code Execution in FreeScout (Public Proof-of-Concept Disclosed) FreeScout RCE CVE-2026-28289

10.0 CVSS 10.0 Unauthenticated Remote Code Execution in FreeScout (Public Proof-of-Concept Disclosed)

Do Son March 5, 2026

Security researchers have uncovered a maximum-score vulnerability in FreeScout, the popular open-source help desk and shared inbox...

Critical Critical RCE Vulnerability Discovered in OpenStack Vitrage Root Cause Analysis Service OpenStack Vitrage RCE CVE-2026-28370

Critical Critical RCE Vulnerability Discovered in OpenStack Vitrage Root Cause Analysis Service

Do Son March 4, 2026

Security researcher Khalil Lemtaffah from Nokia has identified a critical remote code execution (RCE) vulnerability in OpenStack...

Critical Critical Vulnerabilities in AVideo: From SQL Injection to Remote Code Execution AVideo RCE YPTSocket Vulnerability AVideo Vulnerabilities Streaming Platform Security AVideo Vulnerabilities CVE-2026-28501

AVideo RCE YPTSocket Vulnerability AVideo Vulnerabilities Streaming Platform Security AVideo Vulnerabilities CVE-2026-28501

Critical Critical Vulnerabilities in AVideo: From SQL Injection to Remote Code Execution

Do Son March 4, 2026

Security researchers have identified two severe vulnerabilities in AVideo, a popular open-source video streaming platform used by...

Critical Critical RCE Flaw in Qwik Framework Allows Server Takeover via Single Request Qwik RCE CVE-2026-27971

Critical Critical RCE Flaw in Qwik Framework Allows Server Takeover via Single Request

Do Son March 4, 2026

Security researchers have identified a critical vulnerability in Qwik, the popular web framework known for its “instant-on”...

Android CLI Android Security Zero-Interaction DoS CVE-2026-21385 Android Security Update UK CMA Apple Google regulation Google Aluminum OS Android 16 leak, ALOS Android ChromeOS merger Android sideloading certification 2026, Google developer verification APK Android AOSP biannual release, AOSP source code latency 2026 Android Zero-Day, Critical DoS Flaw Android Universal Clipboard Cross-Device Sync Gemini Nano Block, Unlocked Bootloader Android, Calling Cards Android Security Bulletin, RCE Vulnerability Android Linux GUI, Debian VM Android System Services, Google Transparency Android 16, Pixel Update

Security Alert: Android March 2026 Update Targets Actively Exploited Zero-Day

Do Son March 3, 2026

Google has released its most substantial security update in years, addressing a total of 129 vulnerabilities in...

Critical Critical 9.8 Flaw in Langflow’s AI CSV Agent Opens a Direct Path to Root Shell Langflow Vulnerability CVE-2026-42048 Langflow RCE CVE-2026-27966 Langflow Vulnerabilities CVE-2026-33017

Langflow Vulnerability CVE-2026-42048 Langflow RCE CVE-2026-27966 Langflow Vulnerabilities CVE-2026-33017

Critical Critical 9.8 Flaw in Langflow’s AI CSV Agent Opens a Direct Path to Root Shell

Do Son March 2, 2026

Artificial intelligence is making it easier than ever to build complex applications, but a newly discovered vulnerability...

10 CVE-2026-27728 (CVSS 10): Critical Command Injection Flaw in OneUptime Probe Enables Full Server Takeover OneUptime RCE CVE-2026-27728

10 CVE-2026-27728 (CVSS 10): Critical Command Injection Flaw in OneUptime Probe Enables Full Server Takeover

Do Son March 2, 2026

If your organization relies on OneUptime to keep a watchful eye on website availability, APIs, and online...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Critical Critical Path Traversal Flaw in basic-ftp Exposes Node.js Apps to Arbitrary File Writes

Do Son March 2, 2026

With over 18 million downloads, basic-ftp is a cornerstone utility for Node.js developers, offering a robust, Promise-based...

Critical Critical 9.9 Severity Flaws Expose Centreon Servers to Remote Takeover Centreon RCE CVE-2026-2749 CVE-2024-33852 & CVE-2024-33853 Centreon Web

Centreon RCE CVE-2026-2749 CVE-2024-33852 & CVE-2024-33853 Centreon Web

Critical Critical 9.9 Severity Flaws Expose Centreon Servers to Remote Takeover

Do Son February 26, 2026

IT monitoring environments relying on Centreon face a severe threat this week as two critical vulnerabilities have...

Automation at Risk: Triple 9.4 Severity RCE Flaws Threaten n8n Workflow Servers n8n Node RCE Vulnerabilities CVE-2026-44791 Prototype Pollution n8n RCE Vulnerabilities CVE-2026-27497 CVE-2026-25053 n8n RCE Vulnerability CVE-2026-21877 n8n RCE, CVE-2025-68613 n8n Git RCE, core.hooksPath Exploit

n8n Node RCE Vulnerabilities CVE-2026-44791 Prototype Pollution n8n RCE Vulnerabilities CVE-2026-27497 CVE-2026-25053 n8n RCE Vulnerability CVE-2026-21877 n8n RCE, CVE-2025-68613 n8n Git RCE, core.hooksPath Exploit

Automation at Risk: Triple 9.4 Severity RCE Flaws Threaten n8n Workflow Servers

Do Son February 26, 2026

n8n is a popular workflow automation platform that gives technical teams the flexibility of code with the...

Critical Sandbox Escape: Critical 9.2 Severity RCE Flaw Unmasked in ServiceNow AI Platform ServiceNow AI Platform CVE-2026-0542 ServiceNow AI Vulnerability CVE-2025-12420 CVE-2025-0337

ServiceNow AI Platform CVE-2026-0542 ServiceNow AI Vulnerability CVE-2025-12420 CVE-2025-0337

Critical Sandbox Escape: Critical 9.2 Severity RCE Flaw Unmasked in ServiceNow AI Platform

Do Son February 26, 2026

ServiceNow administrators and security teams need to ensure their environments are up to date following the disclosure...

Critical Trend Micro Issues Critical Patch for Apex One: Severe RCE Flaws Addressed Trend Micro Apex One CVE-2025-71210 AI Security Trend Micro Deep Security - CVE-2024-48904 & CVE-2024-51503

Trend Micro Apex One CVE-2025-71210 AI Security Trend Micro Deep Security - CVE-2024-48904 & CVE-2024-51503

Critical Trend Micro Issues Critical Patch for Apex One: Severe RCE Flaws Addressed

Do Son February 26, 2026

Network defenders using Trend Micro Apex One need to prioritize their patching schedules this week. TrendAl has...

Critical Critical Flaw in Juniper PTX Routers: Unauthenticated Root Access Discovered Junos OS Evolved CVE-2026-21902 Juniper Security Director, Critical Vulnerability Junos OS vulnerabilities - CVE-2025-21598 & CVE-2025-21599

Junos OS Evolved CVE-2026-21902 Juniper Security Director, Critical Vulnerability Junos OS vulnerabilities - CVE-2025-21598 & CVE-2025-21599

Critical Critical Flaw in Juniper PTX Routers: Unauthenticated Root Access Discovered

Do Son February 26, 2026

Juniper Networks has issued an urgent out-of-cycle security bulletin warning of a critical vulnerability affecting its PTX...

Unpatched ActiveMQ Flaw Leads to Repeat Breach and LockBit Ransomware LockBit 3.0 Ransomware

Unpatched ActiveMQ Flaw Leads to Repeat Breach and LockBit Ransomware

Do Son February 25, 2026

In the world of cybersecurity, “eviction” is rarely the end of the story. A new case study...

9.8 Total Takeover: Critical Zyxel Flaw (CVSS 9.8) Exposes Routers to Remote Command Injection CVE-2022-43389 - CVE-2024-12398 Zyxel UPnP Vulnerability CVE-2025-13942

CVE-2022-43389 - CVE-2024-12398 Zyxel UPnP Vulnerability CVE-2025-13942

9.8 Total Takeover: Critical Zyxel Flaw (CVSS 9.8) Exposes Routers to Remote Command Injection

Do Son February 25, 2026

Networking giant Zyxel has rolled out a wave of urgent security patches addressing multiple vulnerabilities across its...

Critical Root Access Granted: Four Critical RCE Flaws Patched in SolarWinds Serv-U CVE-2024-28075 & CVE-2024-23473 SolarWinds Serv-U RCE CVE-2025-40538

CVE-2024-28075 & CVE-2024-23473 SolarWinds Serv-U RCE CVE-2025-40538

Critical Root Access Granted: Four Critical RCE Flaws Patched in SolarWinds Serv-U

Do Son February 24, 2026

File transfer servers are meant to securely move sensitive data, but a new batch of critical vulnerabilities...

Critical Critical VMware Aria Operations Flaw Allows RCE During System Upgrades VMware Aria Operations CVE-2026-22719 VMware Fusion - CVE-2024-38811 VMware security, CVE-2025-22247

VMware Aria Operations CVE-2026-22719 VMware Fusion - CVE-2024-38811 VMware security, CVE-2025-22247

Critical Critical VMware Aria Operations Flaw Allows RCE During System Upgrades

Do Son February 24, 2026

For enterprise IT teams, VMware Aria Operations (formerly vRealize Operations) acts as the central nervous system for...

Critical Alert 4 Active Exploits Detected Today