Remote Code Execution Archives • Page 8 of 25 • Daily CyberSecurity

Video of Death: Critical vLLM Flaw (CVSS 9.8) Grants Remote Code Execution vLLM Vulnerability CVE-2026-22778 vLLM Memory Corruption, AI Inference RCE CVE-2025-29783 CVE-2025-32444 vLLM vulnerability vLLM, Remote Code Execution

vLLM Vulnerability CVE-2026-22778 vLLM Memory Corruption, AI Inference RCE CVE-2025-29783 CVE-2025-32444 vLLM vulnerability vLLM, Remote Code Execution

Video of Death: Critical vLLM Flaw (CVSS 9.8) Grants Remote Code Execution

Do Son February 5, 2026

A new critical vulnerability has been discovered in vLLM, a widely used high-performance library for Large Language...

PoC Public & Exploited: Critical SolarWinds Help Desk Flaw Exploited in the Wild State-Sponsored Exploitation CISA KEV Catalog F5 BIG-IP RCE CISA KEV Catalog SolarWinds WHD Exploit CVE-2025-40551 Zimbra XSS Zero-Day CVE-2025-27915 Exploited Windows Security Vulnerabilities

State-Sponsored Exploitation CISA KEV Catalog F5 BIG-IP RCE CISA KEV Catalog SolarWinds WHD Exploit CVE-2025-40551 Zimbra XSS Zero-Day CVE-2025-27915 Exploited Windows Security Vulnerabilities

PoC Public & Exploited: Critical SolarWinds Help Desk Flaw Exploited in the Wild

Do Son February 4, 2026

The clock is ticking for organizations running SolarWinds Web Help Desk (WHD), as a nightmare scenario unfolds:...

Weaver E-cology RCE CVE-2026-22679 CVE-2026-20127 Cisco SD-WAN Exploitation AI-Driven Cyberattack ARXON Malware React Server Components Vulnerability CVE-2025-55182 FortiWeb Auth Bypass, Unauthenticated Admin Takeover RayInitiator Bootkit, LINE VIPER CVE-2025-59689 Department of the Treasury cybersecurity - CVE-2025-0108 PoC CVE-2025-31103 Dior Data Breach SK Telecom data breach, long-term intrusion

React Under Siege: Two IPs Drive 56% of Critical CVE-2025-55182 Attacks

Do Son February 4, 2026

Two months after the disclosure of a catastrophic vulnerability in React Server Components, the attack landscape has...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

One Click to “God Mode”: The Critical OpenClaw Flaw That Handed Attackers Your Master Keys

Do Son February 2, 2026

The open-source artificial intelligence utility OpenClaw (formerly recognized as Moltbot and ClawdBot) has garnered a vast user...

Check Point VPN vulnerability exploited in the wild Check Point VPN exploit CVE-2026-50751 zero-day Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

Exploited in the Wild: Critical Ivanti EPMM RCE Flaws (CVSS 9.8) Under Attack

Do Son January 30, 2026

Ivanti has issued an urgent security advisory confirming that attackers are actively exploiting critical vulnerabilities in its...

Safety Broken: PyTorch “Safe” Mode Bypassed by Critical RCE Flaw PyTorch vulnerability, CVE-2025-32434 CVE-2026-24747

Safety Broken: PyTorch “Safe” Mode Bypassed by Critical RCE Flaw

Do Son January 29, 2026

The development team behind PyTorch, the backbone of modern deep learning and AI research, has patched a...

CVE-2026-24765: PHPUnit Vulnerability Exposes CI/CD Pipelines to RCE PHPUnit RCE Poisoned Pipeline Execution PHPUnit Vulnerability CVE-2026-24765

PHPUnit RCE Poisoned Pipeline Execution PHPUnit Vulnerability CVE-2026-24765

CVE-2026-24765: PHPUnit Vulnerability Exposes CI/CD Pipelines to RCE

Do Son January 29, 2026

The maintainers of PHPUnit, the industry-standard testing framework for PHP, have released a critical security update to...

CVE-2026-24002: Critical Sandbox Escape Turns Grist Spreadsheets into RCE Weapons

Do Son January 29, 2026

A seemingly innocent spreadsheet formula could be the key to compromising entire organizations, thanks to a critical...

CVE-2026-23830: Critical SandboxJS Flaw (CVSS 10) Allows Total Sandbox Escape

Do Son January 29, 2026

A perfect storm of missing checks has led to a maximum-severity vulnerability in SandboxJS, a library designed...

SolarWinds Web Help Desk Hit with Multiple RCE and Auth Bypass Vulnerabilities CVE-2024-23476 & CVE-2024-23479 SolarWinds Web Help Desk Unauthenticated RCE

CVE-2024-23476 & CVE-2024-23479 SolarWinds Web Help Desk Unauthenticated RCE

SolarWinds Web Help Desk Hit with Multiple RCE and Auth Bypass Vulnerabilities

Do Son January 28, 2026

Security researchers have disclosed a barrage of critical vulnerabilities in SolarWinds Web Help Desk (WHD) software. The...

Sandbox Shattered: Critical n8n Flaw (CVSS 9.9) Allows Remote Code Execution n8n Node RCE Vulnerabilities CVE-2026-44791 Prototype Pollution n8n RCE Vulnerabilities CVE-2026-27497 CVE-2026-25053 n8n RCE Vulnerability CVE-2026-21877 n8n RCE, CVE-2025-68613 n8n Git RCE, core.hooksPath Exploit

n8n Node RCE Vulnerabilities CVE-2026-44791 Prototype Pollution n8n RCE Vulnerabilities CVE-2026-27497 CVE-2026-25053 n8n RCE Vulnerability CVE-2026-21877 n8n RCE, CVE-2025-68613 n8n Git RCE, core.hooksPath Exploit

Sandbox Shattered: Critical n8n Flaw (CVSS 9.9) Allows Remote Code Execution

Do Son January 28, 2026

Security researcher Natan Nehorai of the JFrog Security Research Team has uncovered a critical Remote Code Execution...

HPE Aruba Patches High-Severity RCE and OpenSSL Flaws CVE-2024-42509 & CVE-2024-47460 HPE Aruba Fabric Composer CVE-2026-23592 Aruba AOS-CX CVE-2026-23813

CVE-2024-42509 & CVE-2024-47460 HPE Aruba Fabric Composer CVE-2026-23592 Aruba AOS-CX CVE-2026-23813

HPE Aruba Patches High-Severity RCE and OpenSSL Flaws

Do Son January 28, 2026

HPE Aruba Networking has released a critical security advisory urging administrators to patch their Fabric Composer software...

Pre-Auth RCE Risk: OpenSSL Patches High-Severity Stack Overflow (CVE-2025-15467) OpenSSL Vulnerability RSA Memory Leak OpenSSL Vulnerability CVE-2025-15467 CVE-2022-2274 OpenSSL Vulnerabilities, Timing Side-Channel

OpenSSL Vulnerability RSA Memory Leak OpenSSL Vulnerability CVE-2025-15467 CVE-2022-2274 OpenSSL Vulnerabilities, Timing Side-Channel

Pre-Auth RCE Risk: OpenSSL Patches High-Severity Stack Overflow (CVE-2025-15467)

Do Son January 28, 2026

The maintainers of OpenSSL, the cryptographic library that underpins a vast portion of the secure web, have...

CVSS 9.8 Sandbox Escape: Critical vm2 Flaw Exposes Millions of Apps Lockbit ransomware vm2 Vulnerability Sandbox Escape

CVSS 9.8 Sandbox Escape: Critical vm2 Flaw Exposes Millions of Apps

Do Son January 27, 2026

A critical security vulnerability has been unearthed in vm2, a highly popular sandbox library for Node.js used...

Exploit Code Publicly Released: Critical Firefox WebRTC Flaw Allows RCE (CVSS 9.8) Firefox built-in VPN Firefox VPN data limit, Firefox VPN countries, Mozilla VPN subscription Sanitizer API Firefox 148 Security Firefox WebRTC Vulnerability CVE-2025-14321 PoC Firefox VPN Feature, Browser-Only VPN Firefox Add-ons Rollback Firefox Encryption Firefox MKV support Firefox ESR, Windows 7

Firefox built-in VPN Firefox VPN data limit, Firefox VPN countries, Mozilla VPN subscription Sanitizer API Firefox 148 Security Firefox WebRTC Vulnerability CVE-2025-14321 PoC Firefox VPN Feature, Browser-Only VPN Firefox Add-ons Rollback Firefox Encryption Firefox MKV support Firefox ESR, Windows 7

Exploit Code Publicly Released: Critical Firefox WebRTC Flaw Allows RCE (CVSS 9.8)

Do Son January 27, 2026

A critical vulnerability in Mozilla Firefox has been found, with security researchers publicly releasing both the technical...

PoC Released for Critical Oracle E-Business Suite Flaw Exploited by Ransomware Oracle E-Business Suite RCE CVE-2025-61882 PoC

PoC Released for Critical Oracle E-Business Suite Flaw Exploited by Ransomware

Do Son January 26, 2026

Vietnamese security researcher MB VRED has publicly released the technical blueprints and proof-of-concept (PoC) exploit code for...

Ghost in the Code: Critical RCE Found in Abandoned Python PLY Library (CVSS 9.8) Python Security Memory Safety PLY Vulnerability CVE-2025-56005 Python Software Foundation, NSF DEI CVE-2024-12254

Python Security Memory Safety PLY Vulnerability CVE-2025-56005 Python Software Foundation, NSF DEI CVE-2024-12254

Ghost in the Code: Critical RCE Found in Abandoned Python PLY Library (CVSS 9.8)

Do Son January 26, 2026

A critical vulnerability has been unearthed in PLY (Python Lex-Yacc), a legendary parsing library that has served...

CISA Alert: Critical VMware vCenter RCE (CVSS 9.8) Now Exploited in the Wild CISA KEV Catalog DarkSword Exploit Draytek Routers VMware vCenter RCE CVE-2024-37079

CISA KEV Catalog DarkSword Exploit Draytek Routers VMware vCenter RCE CVE-2024-37079

CISA Alert: Critical VMware vCenter RCE (CVSS 9.8) Now Exploited in the Wild

Do Son January 25, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Broadcom VMware vCenter Server...

Cisco SD-WAN Vulnerability CVE-2026-20133 FortiGate Compromise Ivanti EPMM Zero-Day CVE-2026-1281 SmarterMail Vulnerability Storm-2603 WatchGuard Zero-Day, IKEv2 Out-of-Bounds Write Cisco Zero-Day, UAT-9686 Chinese APT FortiWeb RCE Exploitation CVE-2025-58034 VMware Zero-Day, Privilege Escalation Sitecore, remote code execution CVE-2025-53690 Windows CLFS, Privilege Escalation CVE-2024-47575 & CVE-2024-11120 CVE-2025-24983 vulnerability

“Enjoy Your Admin Access”: Critical SmarterMail RCE Exploited in the Wild

Do Son January 22, 2026

Just weeks after a major vulnerability rocked the SmarterMail ecosystem, security researchers have uncovered a new, critical...

7 Million Exposed: Critical CVSS 9.8 RCE Vulnerability Hits Laravel Reverb Laravel Reverb Vulnerability CVE-2026-23524

7 Million Exposed: Critical CVSS 9.8 RCE Vulnerability Hits Laravel Reverb

Do Son January 22, 2026

A critical vulnerability has been discovered in Laravel Reverb, a massively popular WebSocket package used by millions...

Critical Alert 4 Active Exploits Detected Today