A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

MetInfo CMS flaw CVE-2026-29014 exploited after April 7 patch, enabling remote code execution and targeting 2,000 instances.

CVE-2026-0300 exploited after April 9 attempts enables PAN-OS RCE, leading to stealth espionage and lateral movement by April ...

Cisco has released patches for several high-severity vulnerabilities that could lead to code execution, SSRF attacks, and DoS ...

Palo Alto Networks warned customers that suspected state-sponsored hackers have been exploiting a critical-severity PAN-OS ...

A flaw in Cursor’s AI agent lets malicious repositories trigger arbitrary code execution through routine Git operations, now ...

Wiz discovered a critical remote code execution vulnerability in GitHub that exposed millions of repositories.

The now‑patched flaw allowed authenticated users to execute arbitrary code via crafted git push requests, affecting ...

Critical flaws affecting core components and extensions in PostgreSQL and MariaDB could allow remote code execution. The bugs ...

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's ...

GitHub has patched a high-severity remote code execution vulnerability that allowed anyone with push access to a private ...

A high-severity vulnerability, CVE-2026-3854, in GitHub Enterprise Server allowed anyone with push access to execute arbitrary code on the host, threatening sensitive private repositories. While ...