MITRE Caldera security tool gets perfect 10 in insecurityUsers of MITRE's Caldera must immediately update to the latest version to protect against a critical remote code execution vulnerability.
Flaws in a popular dev library could let hackers run malicious code in your MongoDB databaseTwo critical vulnerabilities in Mongoose could expose MongoDB databases to remote code execution attacks by hackers.
SAP Confirms Critical NetWeaver Flaw Amid Suspected Zero-Day Exploitation by HackersThreat actors are exploiting a vulnerability in SAP NetWeaver for unauthorized file uploads and code execution.
Researchers Uncover 46 Critical Flaws in Solar Inverters From Sungrow, Growatt, and SMA46 new security flaws discovered in solar inverter products pose risks to electrical grids.
Stealthy Apache Tomcat Critical Exploit Bypasses Security FiltersApache Tomcat is vulnerable to remote code execution attacks due to a recently disclosed vulnerability, CVE-2025-24813.
Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public DisclosureA critical vulnerability in Apache Tomcat enables remote code execution and information disclosure, with active exploitation noted shortly after its disclosure.
MITRE Caldera security tool gets perfect 10 in insecurityUsers of MITRE's Caldera must immediately update to the latest version to protect against a critical remote code execution vulnerability.
Flaws in a popular dev library could let hackers run malicious code in your MongoDB databaseTwo critical vulnerabilities in Mongoose could expose MongoDB databases to remote code execution attacks by hackers.
SAP Confirms Critical NetWeaver Flaw Amid Suspected Zero-Day Exploitation by HackersThreat actors are exploiting a vulnerability in SAP NetWeaver for unauthorized file uploads and code execution.
Researchers Uncover 46 Critical Flaws in Solar Inverters From Sungrow, Growatt, and SMA46 new security flaws discovered in solar inverter products pose risks to electrical grids.
Stealthy Apache Tomcat Critical Exploit Bypasses Security FiltersApache Tomcat is vulnerable to remote code execution attacks due to a recently disclosed vulnerability, CVE-2025-24813.
Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public DisclosureA critical vulnerability in Apache Tomcat enables remote code execution and information disclosure, with active exploitation noted shortly after its disclosure.
Critical Apache Struts bug under active exploitCritical security flaw in Apache Struts 2 allows file upload manipulation, posing severe risks of remote code execution; immediate updates are essential.
Devices exposed to remote hacking via Erlang/OTP SSH vulnerabilityErlang/OTP's SSH implementation has a critical vulnerability allowing remote code execution without authentication, requiring urgent attention and action from security teams.
Doomsday 9.9 unauthenticated RCE bug affects all LinuxA critical 9.9-rated unauthenticated RCE flaw is affecting GNU/Linux systems, with no fix yet despite disclosure to developers three weeks ago.
Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF InjectionGFI KerioControl firewalls have a vulnerability (CVE-2024-52875) allowing remote code execution due to improper input sanitization, posing significant security risks.
Meta's Llama Framework Flaw Exposes AI Systems to Remote Code Execution RisksA high-severity vulnerability in Meta's Llama framework could allow remote code execution via deserialization of untrusted data.
Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary CodeA critical security vulnerability in Apache Parquet allows remote code execution, affecting versions up to 1.15.0.
Critical Apache Struts bug under active exploitCritical security flaw in Apache Struts 2 allows file upload manipulation, posing severe risks of remote code execution; immediate updates are essential.
Devices exposed to remote hacking via Erlang/OTP SSH vulnerabilityErlang/OTP's SSH implementation has a critical vulnerability allowing remote code execution without authentication, requiring urgent attention and action from security teams.
Doomsday 9.9 unauthenticated RCE bug affects all LinuxA critical 9.9-rated unauthenticated RCE flaw is affecting GNU/Linux systems, with no fix yet despite disclosure to developers three weeks ago.
Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF InjectionGFI KerioControl firewalls have a vulnerability (CVE-2024-52875) allowing remote code execution due to improper input sanitization, posing significant security risks.
Meta's Llama Framework Flaw Exposes AI Systems to Remote Code Execution RisksA high-severity vulnerability in Meta's Llama framework could allow remote code execution via deserialization of untrusted data.
Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary CodeA critical security vulnerability in Apache Parquet allows remote code execution, affecting versions up to 1.15.0.
Big hole in big data: Critical deserialization bug in Apache Parquet allows RCEA vulnerability in the Parquet-avro module of a Java library could allow remote code execution through crafted files.
Critical Ingress NGINX Controller Vulnerability Allows RCE Without AuthenticationCritical vulnerabilities in Ingress NGINX Controller expose 6,500 Kubernetes clusters to remote code execution risks.
September Patch Tuesday: Update before 1 October | Computer WeeklyMicrosoft has issued critical fixes for multiple remote code vulnerabilities in its September 2024 update, indicating urgency for users to patch their systems.
Big hole in big data: Critical deserialization bug in Apache Parquet allows RCEA vulnerability in the Parquet-avro module of a Java library could allow remote code execution through crafted files.
Critical Ingress NGINX Controller Vulnerability Allows RCE Without AuthenticationCritical vulnerabilities in Ingress NGINX Controller expose 6,500 Kubernetes clusters to remote code execution risks.
September Patch Tuesday: Update before 1 October | Computer WeeklyMicrosoft has issued critical fixes for multiple remote code vulnerabilities in its September 2024 update, indicating urgency for users to patch their systems.
MITRE Caldera security advisory warns of maximum severity flawA critical Remote Code Execution vulnerability (CVE-2025-27364) has been identified in MITRE Caldera's dynamic compilation functionality.
Printing vulnerability affecting Linux distros raises alarm | Computer WeeklyThe newly discovered vulnerabilities in Cups pose a significant security risk to numerous devices, potentially exposing them to remote code execution.
Critical Flaws in Traccar GPS System Expose Users to Remote AttacksTraccar GPS system has critical vulnerabilities allowing remote code execution via path traversal if guest registration is enabled, posing serious security risks.
Your Netgear Wi-Fi router could be wide open to hackers - install the fix nowNetgear has patched critical security vulnerabilities in several Wi-Fi routers and access points, urging timely updates for user safety.
MediaTek says 'Happy New Year' with critical RCE, other bugsMediaTek disclosed a critical vulnerability affecting 51 chipsets, posing severe security risks to multiple device categories.
Printing vulnerability affecting Linux distros raises alarm | Computer WeeklyThe newly discovered vulnerabilities in Cups pose a significant security risk to numerous devices, potentially exposing them to remote code execution.
Critical Flaws in Traccar GPS System Expose Users to Remote AttacksTraccar GPS system has critical vulnerabilities allowing remote code execution via path traversal if guest registration is enabled, posing serious security risks.
Your Netgear Wi-Fi router could be wide open to hackers - install the fix nowNetgear has patched critical security vulnerabilities in several Wi-Fi routers and access points, urging timely updates for user safety.
MediaTek says 'Happy New Year' with critical RCE, other bugsMediaTek disclosed a critical vulnerability affecting 51 chipsets, posing severe security risks to multiple device categories.
Apache issues patches for critical Struts 2 RCE bugThe Apache Struts 2 vulnerability (CVE-2024-53677) has a severity rating of 9.5 and poses a serious security risk, necessitating immediate action for users.
Zero Day Initiative - Exploiting Exchange PowerShell After ProxyNotShell: Part 3 - DLL Loading Chain for RCEThe article explains a chain of vulnerabilities in Microsoft Exchange that lead to remote code execution.
PoCcode released for zero-click Windows critical vulnWindows users must install the latest patches swiftly to protect against CVE-2024-38063, a critical vulnerability that allows remote code execution.
Researchers Uncover 10 Flaws in Google's File Transfer Tool Quick ShareAs many as 10 security flaws were discovered in Google's Quick Share utility, leading to a potential remote code execution threat on systems with the software.
Google patches Quick Share for Windows to shut malware holeGoogle's Quick Share for Windows had 10 now-fixed bugs, allowing remote code execution through a full RCE chain.
Researchers Uncover 10 Flaws in Google's File Transfer Tool Quick ShareAs many as 10 security flaws were discovered in Google's Quick Share utility, leading to a potential remote code execution threat on systems with the software.
Google patches Quick Share for Windows to shut malware holeGoogle's Quick Share for Windows had 10 now-fixed bugs, allowing remote code execution through a full RCE chain.
New Flaws in Sonos Smart Speakers Allow Hackers to Eavesdrop on UsersSonos smart speakers have vulnerabilities that could allow remote code execution and covert audio capture by hackers.
AWS 'Bucket Monopoly' attacks could allow account takeoverCritical flaws in AWS services allowed remote code execution and account takeover, fixed by AWS after Aqua Security's research.