CVE-2026-5752 CVSS 9.3 flaw in Terrarium enables root code execution via Pyodide prototype traversal, risking container ...

Antigravity Strict Mode bypass disclosed Jan 7, 2026, patched Feb 28, enables arbitrary code execution via fd -X flag.

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...

Progress has released patches for multiple remote code execution and OS command injection flaws in MOVEit WAF and LoadMaster.

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...

Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading ...

Mythos combined four separate low-severity bugs into a complete browser sandbox escape. Traditional scanners evaluate ...

The prompt-injection issue in the agentic AI product for filesystem operations was a sanitization issue that allowed for ...

A design choice in the MCP SDKs allows remote code execution across the AI supply chain.

Google Antigravity’s increasing popularity has brought the development platform into the crosshairs of researchers and ...

Remote terminal units, PLCs, PoS systems, and bedside patient monitors may be susceptible to remote code execution, ...

Yubico warns of a search path vulnerability in YubiKey Manager, libfido2 and python-fido2. Updates fix the bugs.