The security defects could be exploited for remote code execution, OS command injection, and WAF detection bypass.

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...

A prompt injection flaw in Google’s Antigravity IDE turns a file search tool into a remote code execution vector, bypassing ...

Splunk has released patches that resolve high- and medium-severity vulnerabilities in Splunk Enterprise and MCP Server.

The cybersecurity company said the systemic vulnerability is baked into Anthropic's official MCP software development kit ...

Microsoft has released its August 2025 Patch package, a cumulative set of updates addressing more than 100 vulnerabilities across a host of its products. Microsoft’s SharePoint Server Remote Code ...

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...

A severe security flaw, CVE-2024-3078, has been discovered in the Windows Wi-Fi driver. This vulnerability allows remote code execution at the kernel level without needing user interaction or ...

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

The company also releases advisories for high-severity data leaks and denial-of-service issues across multiple products, including Jira and Confluence. Atlassian has released urgent patches for ...

The remote code execution (RCE) vulnerability in Remote Desktop Protocol (RDP) of Windows (CVE-2019-0708) was patched by Microsoft in May. They have made patches available for all their systems, even ...

It's not been a good week for PDFs and security. In the span of seven days, Adobe and Foxit, a rival PDF provider, released dozens and dozens of security patches for their respective software. Several ...