Skip to main content

Tag: arbitrary code execution

22 articles

A laptop with a blank screen sits on a neutral surface, surrounded by development tools in a bright, clean tech lab setting.

Browser, Software Updates Fix Critical Flaws

Major tech players, including Adobe, Mozilla, Google, and Broadcom, have just rolled out critical security updates to fix dozens of vulnerabilities - and it's crucial to install them ASAP to avoid potential code execution and privilege escalation threats. Adobe alone is patching 88 flaws, including eight high-risk issues in ColdFusion that could lead to serious security breaches.

Analyst 207
Close-up of a circuit board with microcontroller and components, in a laboratory setting with a laptop in the background.

U-Boot Flaws Expose Devices to Stealthy Firmware Attacks

Researchers uncovered six critical vulnerabilities in U-Boot's firmware signature verification code, leaving devices open to stealthy attacks that can execute malicious code at startup. These flaws, ranging from denial of service to arbitrary code execution, highlight a major security risk that needs to be addressed.

Analyst 207
Brightly-lit office workstation with laptop and server equipment.

Adobe ColdFusion Flaw Exploited in Targeted Attacks

With 775 exposed ColdFusion instances online, a newly patched flaw is being exploited by attackers, putting countless systems at risk. Adobe has urgently warned customers to apply updates immediately to protect against this and 10 other critical vulnerabilities.

Analyst 207
Brightly-lit tech facility with laptop screen or coding workstation, symbolizing software security.

Adobe Fixes CVSS 10.0 Flaws in ColdFusion and Campaign Classic

Adobe is racing against the clock to keep you safe, with emergency updates for ColdFusion and Campaign Classic that squash critical flaws allowing hackers to wreak havoc. The timely patches fix vulnerabilities that could lead to devastating attacks, from code execution to security breaches.

Analyst 207
Network operations room with load balancer appliance surrounded by standard networking equipment.

Progress LoadMaster Flaw Lets Attackers Run Root Commands Pre-Auth

A critical flaw in Progress Kemp LoadMaster, known as CVE-2026-8037, allows attackers to run root commands without authentication - but a patch is now available to fix this gaping security hole. This vulnerability, scoring a severe 9.8, can be exploited with a simple crafted API request.

Analyst 207
Google Chrome browser window on laptop with YouTube open, surrounded by home office setting.

Popular Chrome Ad Blocker Exposes Script Injection Risk

A popular Chrome ad blocker with over 10 million installs, Adblock for YouTube, has been found to have a shocking vulnerability that could allow hackers to inject malicious JavaScript into any website, all with just a single server-side tweak. This means users could be exposed to serious security risks without even realizing anything has changed.

Analyst 207
Laptop screen on a desk with blurred background, conveying urgency and vulnerability.

Google Chrome Zero-Day Exploited in Wild, Prompting Urgent Patch

Google just dropped an urgent update for Chrome, and you need to know why: a zero-day exploit, tracked as CVE-2026-11645, has been found in the wild, allowing hackers to execute malicious code inside your browser. This critical vulnerability lets attackers access memory outside of Chrome's intended limits, putting your online safety at risk.

Analyst 207
Laptop on a neutral surface with a blank screen displaying a soft gradient, in a clean and minimalist setting.

Google patches Chrome zero-day flaw under active exploitation

Google just released urgent updates to fix a high-severity Chrome flaw that's being actively exploited by hackers - the fifth zero-day vulnerability patched by the company this year. This latest bug, CVE-2026-11645, could let attackers run malicious code and access sensitive data in your browser.

Analyst 207
Technicians examine a large router and network diagram in a control room with a map of network topology on a screen.

Cisco SD-WAN Zero-Day Exploited in Targeted Attacks

Cisco is warning of a high-severity zero-day vulnerability in its Catalyst SD-WAN Manager that is being actively exploited, allowing attackers to gain root privileges and execute arbitrary commands. This critical flaw affects all deployment types and could put your network at risk if left unpatched.

Analyst 207
University research setting with computer screen displaying gradient-colored blocks representing vulnerability stages.

AI Models Outpace GPT-5.5 in Chrome Vulnerability Exploits

Meet ExploitBench, a groundbreaking benchmark that puts AI models to the test, pushing them to go beyond mere vulnerability detection and actually exploit real-world flaws - and the results are in. This innovative tool, developed by Bugcrowd and Carnegie Mellon University experts, grades AI models on their ability to chain discoveries into usable exploits, revealing surprising capabilities.

Analyst 207
Network device sits prominently in a server room with management console blurred in background.

Hackers Exploit FortiClient Flaw to Deliver Infostealer Malware

Hackers are exploiting a vulnerability in FortiClient Enterprise Management Server to deliver infostealer malware, cleverly disguising the payload as a legitimate Fortinet endpoint update. This sneaky tactic uses FortiClient-managed VPN scripting workflows to execute the malicious code, putting security teams on high alert.

Analyst 207
Rows of computer servers and storage equipment in a brightly-lit data center with a sense of urgency.

LiteSpeed Plugin Flaw Exploited to Run Scripts as Root

A critical flaw in the LiteSpeed plugin, CVE-2026-48172, is being actively exploited to give cPanel users unlimited power, allowing them to run scripts as root. This severe vulnerability, rated 10.0 on the CVSS scale, puts your online security at risk and demands immediate attention.

Analyst 207
Rows of computer servers and networking equipment in a server room or network operations center.

Drupal Sites Targeted in SQL Injection Attacks

Drupal sites are under attack as SQL injection exploits are now being detected in the wild, taking advantage of a vulnerability that can be triggered without authentication. This critical flaw, CVE-2026-9082, allows attackers to execute arbitrary SQL and potentially run remote code, putting sites that use PostgreSQL at risk.

Analyst 207
Rows of computer servers and equipment in a well-lit server room or data center.

ChromaDB Flaw Enables Server Hijacking via AI Model Exploit

A newly discovered vulnerability, CVE-2026-45829, in ChromaDB's Python FastAPI variant allows hackers to hijack servers by exploiting AI models, with a security expert noting that authentication is present but poorly placed. This flaw lets unauthenticated attackers run arbitrary code on exposed servers by cleverly manipulating API endpoints.

Analyst 207
Network operations room with a cracked screen symbolizing exploited vulnerability.

Palo Alto Networks Exploits Critical PAN-OS Flaw in Limited Attacks

Palo Alto Networks has patched a critical flaw in its PAN-OS software, CVE-2026-0300, which allowed hackers to execute malicious code with root privileges - and the company says it's already been exploited in targeted attacks. The vulnerability, a buffer overflow in the User-ID Authentication Portal service, could be triggered by sending specially crafted packets.

Analyst 207
Rows of computer servers and storage equipment in a brightly-lit data center setting.

SAP Patches Critical Flaws in Commerce Cloud and S/4HANA

SAP has patched a critical vulnerability in its Commerce Cloud and S/4HANA systems, warning that hackers could exploit the flaw to upload malicious code and take control of the application. This security gap, caused by a misconfigured Spring Security setup, put sensitive data and system integrity at risk.

Analyst 207
Rows of computer servers and networking equipment in a brightly-lit data center.

cPanel Discloses Fixes for High-Severity Vulnerabilities

cPanel has patched three high-severity vulnerabilities, including a critical flaw that allows hackers to execute arbitrary Perl code, putting your online data at risk. The fixes address weaknesses that could be exploited to read sensitive files, disrupt service, or execute malicious code.

Analyst 207
Network equipment and cables surround a central firewall device in a data center.

Palo Alto Firewalls Targeted in Active Exploitation

Thousands of Palo Alto firewalls are at risk due to an actively exploited vulnerability, CVE-2026-0300, that allows hackers to execute arbitrary code with root privileges. This alarming flaw affects 5,821 internet-exposed VM-Series firewalls, leaving them open to potential cyber attacks.

Analyst 207
Brightly-lit network operations environment with a firewall on a rack amidst surrounding equipment.

Palo Alto Networks Firewalls Targeted in Zero-Day Exploits

Palo Alto Networks firewalls are under attack by zero-day exploits targeting a vulnerability in the User-ID Authentication Portal, allowing hackers to execute malicious code with root privileges. This buffer overflow flaw, tracked as CVE-2026-0300, poses a significant risk to organizations with Internet-exposed firewalls.

Analyst 207
Sharp-focus laptop screen on a modern desk with blurred background.

Google Fixes Critical Gemini CLI Flaw Enabling Remote Code Execution

Google patched a critical flaw in Gemini CLI that allowed hackers to inject malicious code and take control of host systems, thanks to a report from Novee Security. The vulnerability, scoring a perfect 10.0 on the CVSS scale, has been fixed in recent updates to the @google/gemini-cli and google-github-actions/run-gemini-cli packages.

Analyst 207
Dark scene with broken padlock, circuit boards, and laptop screen displaying malicious model file in shadows.

SGLang Flaw Enables Remote Code Execution via Malicious Model Files

A single malicious file can become a powerful gateway for attackers to run arbitrary commands on vulnerable machines - and a newly disclosed flaw in SGLang, CVE-2026-5760, reveals just how easily this can happen through specially crafted GGUF model files. This highly severe vulnerability, scoring 9.8 out of 10.0, enables remote code execution on systems that trust it.

Analyst 207
Lone figure hunched over laptop surrounded by wires and circuit boards with code glowing on screen, with a looming fortress…

Cisco Fixes Flaws Enabling Code Execution in Identity Services, Webex

Cisco has patched four critical vulnerabilities in its Identity Services and Webex Services, which could have allowed attackers to run arbitrary code and impersonate any user, posing a massive security risk. The fixes address flaws with CVSS scores as high as 9.8, safeguarding against devastating attacks.

Analyst 207