remote code execution
Coverage of remote code execution in the Nexus archive.
- SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation
CISA added a high-severity remote code execution vulnerability (CVE-2026-45659) in Microsoft SharePoint Server to its Known Exploited Vulnerabilities catalog due to active exploitation. The flaw, rated with a CVSS score of 8.8, stems from deserialization of untrusted data.
- Microsoft warns users of 'Crypto Clipper' malware spread via USB drives
Microsoft has warned users about 'Crypto Clipper' malware distributed through USB drives. The malware combines data theft with remote code execution, transforming a financially motivated stealer into a lightweight backdoor.
- LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution
Cybersecurity researchers disclosed three patched security flaws in LangGraph, an open-source framework by LangChain for building AI agents, including a critical vulnerability chain that could lead to remote code execution.
- Gogs patches critical zero-day enabling remote code execution
Gogs has patched a critical zero-day security flaw that could allow attackers to execute remote code and access repositories, including private ones, on Internet-facing instances.
- Critical UniFi OS bug lets hackers gain root without authentication
A critical bug in Ubiquiti UniFi OS allows hackers to gain root access without authentication by chaining three fixed vulnerabilities. Attackers can execute remote code with elevated privileges through this exploit.
- Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites
Threat actors are exploiting a critical remote code execution vulnerability (CVE-2026-3300) in Everest Forms Pro, a WordPress plugin with 4,000 active installations, leading to site compromises. The vulnerability affects all versions up to 1.9.12.
- Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code
A critical remote code execution (RCE) vulnerability has been disclosed in Gogs, an open-source self-hosted Git service, allowing authenticated users to execute arbitrary code. The flaw is rated 9.4 on the CVSS scoring system and currently lacks a CVE identifier.
- New Gogs zero-day flaw lets hackers get remote code execution
A new zero-day vulnerability in the Gogs self-hosted Git service allows attackers to achieve remote code execution on internet-facing instances. The flaw remains unpatched, posing a security risk.
- Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions
Microsoft has released patches to address a critical remote code execution vulnerability (CVE-2026-45659) in SharePoint with a CVSS score of 8.8. The flaw, which could be exploited without specialized conditions, is classified as important severity.
- Ubiquiti patches three max severity UniFi OS vulnerabilities
Ubiquiti has released security updates addressing three maximum severity vulnerabilities in UniFi OS that can be exploited by remote attackers without requiring special privileges. These patches are critical for protecting UniFi infrastructure from unauthorized remote access.
- Google accidentally exposed details of unfixed Chromium flaw
Google accidentally disclosed details about an unfixed security vulnerability in Chromium that allows JavaScript to execute in the background after the browser is closed, enabling remote code execution on affected devices. The leaked information about this critical flaw poses a significant security risk to users until a patch is developed and released.
- 18-year-old NGINX vulnerability allows DoS, potential RCE
An 18-year-old vulnerability in NGINX allows denial of service and potential remote code execution under certain conditions. The flaw was discovered using an autonomous scanning system. This vulnerability can be exploited for malicious purposes.
- AI Finds 38 Security Flaws in Electronic Health Record Platform
AI discovered 38 security flaws in OpenEMR's electronic health record platform, which is used by over 100,000 healthcare providers. The vulnerabilities allowed database compromise, remote code execution, and data theft.
- GitHub fixes RCE flaw that gave access to millions of private repos
GitHub patched a critical remote code execution vulnerability (CVE-2026-3854) in early March that could have allowed attackers to access millions of private repositories. The flaw, if exploited, would have exposed sensitive code and data stored in private GitHub projects.
- Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
Cybersecurity researchers discovered a critical remote code execution (RCE) vulnerability in GitHub.com and GitHub Enterprise Server, tracked as CVE-2026-3854 (CVSS score: 8.7). The flaw allows authenticated users with push access to exploit a command injection vulnerability via a single 'git push' command.
- GitHub RCE Vulnerability: CVE-2026-3854 Breakdown
A critical Remote Code Execution (RCE) vulnerability, CVE-2026-3854, was disclosed in GitHub, allowing attackers to execute arbitrary code. The flaw, detailed in a Wiz.io blog post, has sparked discussion on Hacker News with 11 comments and 23 upvotes.
- Surge in Bomgar RMM Exploitation Demonstrates Supply Chain Risk
A critical remote code execution flaw (CVE-2026-1731) in Bomgar RMM has led to a surge in exploitation attempts, enabling ransomware attacks and supply chain compromises. The vulnerability highlights significant risks in remote monitoring and management tools.
- SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files
A critical security vulnerability, CVE-2026-5760, in SGLang allows remote code execution via malicious GGUF model files. The flaw, with a CVSS score of 9.8, stems from command injection and affects the high-performance open-source serving framework.
- Critical Marimo pre-auth RCE flaw now under active exploitation
A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is being actively exploited for credential theft. The flaw allows attackers to execute arbitrary code without prior authentication, posing significant security risks.
- Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
Adobe has released emergency updates to address a critical security flaw in Acrobat Reader (CVE-2026-34621) that is being actively exploited. The vulnerability, rated 8.6 on the CVSS scale, could allow attackers to execute malicious code on affected systems.
- Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
A critical remote code execution vulnerability (CVE-2026-39987) in Marimo, a Python data science notebook, was exploited within 10 hours of disclosure. The flaw affects all versions up to a specific release and was identified by Sysdig with a CVSS score of 9.3.
- 13-year-old bug in ActiveMQ lets hackers remotely execute commands
A critical remote code execution vulnerability in Apache ActiveMQ Classic, undetected for 13 years, allows hackers to execute arbitrary commands remotely. Security researchers have identified the flaw, raising concerns about potential exploitation of the outdated system.
- Hackers exploit critical flaw in Ninja Forms WordPress plugin
A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress allows unauthenticated arbitrary file uploads, enabling remote code execution. The flaw poses a significant security risk to WordPress users.
- Max severity Flowise RCE vulnerability now exploited in attacks
A critical vulnerability (CVE-2025-59528) in Flowise, an open-source platform for building LLM apps and agentic systems, is being exploited by hackers to execute arbitrary code. The vulnerability, classified as maximum severity, poses a significant security risk.
- AI agents found vulns in this popular Linux and Unix print server
A security researcher and AI agents discovered two vulnerabilities in the CUPS print server, allowing unauthenticated remote code execution and root access. The flaws could enable attackers to overwrite files and execute arbitrary code on affected systems.