Tag: code execution
30 articles

U-Boot Flaws Expose Devices to Code Execution, Crashes
Six newly discovered flaws in U-Boot, a widely used bootloader, leave devices from home routers to data-center servers vulnerable to code execution and crashes, posing a significant risk to everything that loads after it. These vulnerabilities can be exploited before the operating system even starts, undermining the entire security chain.

OpenClaw Flaws Expose Hosts to Code Execution via WhatsApp
Three newly patched flaws in the OpenClaw personal AI assistant could let hackers execute code on your device via WhatsApp, putting sensitive data like SSH keys, AWS credentials, and GPG secrets at risk. This alarming vulnerability was addressed in OpenClaw version 2026.6.6.

AI Security Tools Expose Vulnerability to Cyber-Attacks
Researchers have uncovered a chilling vulnerability in AI-powered security tools, allowing hackers to remotely execute malicious code and wreak havoc on even the most secure systems. This shocking exploit, demonstrated through a proof-of-concept attack on popular AI coding agents, highlights a critical weakness that leaves defenses wide open.

CISA Mandates Patching of Exploited Adobe ColdFusion Flaw
Adobe has issued a warning to patch a critical flaw, CVE-2026-48282, in ColdFusion versions 2025.9, 2023.20, and earlier, as attackers have already begun exploiting it just two hours after disclosure. Admins are urged to deploy the updates within 72 hours to prevent code execution on unpatched systems.

Vulnerabilities in FatFs Filesystem Expose Millions of Embedded Devices to Code Execution
Millions of embedded devices are at risk of code execution due to seven vulnerabilities in the widely-used FatFs filesystem, which can be easily exploited with physical access, effectively leading to a jailbreak. This set of flaws, ranging from medium to high severity, poses a significant threat to device security.

libssh2 Flaw Exposes Clients to Code Execution Risk
A critical flaw in libssh2, known as CVE-2026-55200, can be exploited by a malicious SSH server to trigger memory corruption on a connecting client, with no credentials or user interaction required. This vulnerability can be easily triggered with a public proof-of-concept now available.

Amazon Q Developer Flaw Lets Malicious Repos Run Code via MCP Configs
A high-severity flaw in Amazon Q Developer, tracked as CVE-2026-12957, allowed malicious repositories to run commands and steal cloud credentials simply by being opened in an IDE. This vulnerability put developers at risk of having their sensitive AWS keys, cloud CLI tokens, and API secrets compromised.

Cordyceps Flaws Compromise 300+ GitHub Repositories
A newly discovered flaw, dubbed Cordyceps, has left over 300 GitHub repositories vulnerable to exploitation by unauthenticated users, allowing for code execution, credential theft, and supply-chain compromise. This critical weakness can be easily exploited, putting countless open-source projects at risk.

Microsoft Fixes AutoGen Studio Flaw That Enabled Code Execution
Microsoft swiftly squashed a potential code execution flaw in AutoGen Studio, ensuring the vulnerable code never made it to users via a PyPI release. The fix addressed a sneaky three-part vulnerability chain, dubbed AutoJack, that could have been exploited to run malicious code.

Google Vertex AI SDK Flaw Exposes Model Uploads to Hijacking
A newly discovered flaw in the Google Vertex AI SDK for Python left model uploads vulnerable to hijacking, allowing attackers to swap models and execute code within Google's serving infrastructure in a matter of seconds. This vulnerability, found by Palo Alto Networks Unit 42, could be exploited in just 2.5 seconds - a window of opportunity for attackers to wreak havoc.

GitHub Disrupts Supply Chain Attacks by Blocking npm Install Scripts
GitHub is taking a bold step to safeguard the npm ecosystem by blocking install scripts from running by default, tackling the single largest code-execution surface in the ecosystem. This move, part of npm 12's release, aims to prevent supply chain attacks by requiring explicit permission for scripts to run.

GitHub Bolsters npm Security to Thwart Supply-Chain Attacks
GitHub's upcoming npm v12 update is a game-changer for supply-chain security, as it will require explicit approval for automated actions like install scripts and dependency resolution that are often exploited by attackers. This move aims to shut down common code-execution paths and give developers, CI/CD pipelines, and security teams greater control over their code.

GitHub Overhauls npm Defaults to Thwart Script-Based Attacks
GitHub is taking a major step to boost npm security by changing its default settings to block automatic execution of install-time lifecycle scripts, a common vulnerability exploited in script-based attacks. Starting with npm 12, these scripts will require explicit permission to run, unless explicitly allowed via a new allowlist mechanism.

Protobuf.js Vulnerabilities Expose Node.js Apps to Code Execution, DoS
A single malicious protobuf schema could be all it takes to trigger crashes, corrupt runtimes, or even execute code in vulnerable Node.js apps, warns Cyera security researcher Assaf Morag. Six newly identified vulnerabilities in protobuf.js, known as Proto6, carry high severity scores and could put your app at risk.

Google patches actively exploited Android zero-day flaw amid June security updates
Google just patched a high-severity Android flaw that's being actively exploited by hackers, allowing them to gain control of devices running Android 14 or later. The June security update fixes this zero-day vulnerability, along with 123 others, to keep your device safe.

AI Agent Executes End-to-End Cyberattack in Under an Hour
In a chilling demonstration of speed and stealth, a sophisticated AI agent executed a devastating cyberattack from start to finish in under an hour, exploiting a vulnerable marimo notebook to gain code execution and ultimately exfiltrating a PostgreSQL database. This alarming intrusion highlights the lightning-fast potential of modern cyber threats.

GitHub Actions Supply Chain Attack Exfiltrates CI/CD Credentials
A sneaky supply chain attack on GitHub Actions has led to the theft of CI/CD credentials, with hackers using a clever trick to redirect tags to fake commits that hide malicious code. By masquerading as legitimate commits, attackers were able to execute arbitrary code and evade pull request reviews.

NGINX Vulnerability Exposes Servers to DoS, Potential Code Execution
A critical vulnerability, CVE-2026-42945, has been lurking in NGINX's code for 18 years, exposing servers to potential DoS attacks and code execution - and affecting a staggering third of the top-ranked websites. This heap buffer overflow flaw, rated 9.2 in severity, is a wake-up call for NGINX users to take immediate action.

Exim BDAT Flaw Exposes GnuTLS Builds to Code Execution Risk
A newly discovered vulnerability, dubbed Dead.Letter, threatens Exim builds that use GnuTLS, allowing attackers to exploit a use-after-free flaw in BDAT handling and potentially execute malicious code. This critical flaw can be triggered when a specific sequence of BDAT and TLS commands is sent, leading to heap corruption and a heightened risk of code execution.

vm2 Library Vulnerabilities Enable Sandbox Escape and Code Execution
A dozen critical vulnerabilities in the vm2 Node.js library can be exploited by hackers to break free from sandbox restrictions and run malicious code on vulnerable systems. This serious security flaw has been assigned high CVSS scores, emphasizing the urgent need for users to patch their systems.

Vm2 Sandbox Flaw Exposes Host Systems to Code Execution Risk
A critical vulnerability, CVE-2026-26956, in the popular vm2 Node.js library can allow attackers to break free from the sandbox and execute malicious code on your host system, putting your entire environment at risk. To stay safe, upgrade to vm2 version 3.10.5 or later, or 3.11.2 for the latest protection.

Terrarium Sandbox Flaw Enables Code Execution, Container Escape
A critical flaw in Terrarium's sandbox, rated 9.3 on the CVSS scale, allows attackers to break free from container constraints and execute code with root privileges. This alarming vulnerability, tracked as CVE-2026-5752, stems from a JavaScript prototype chain traversal that lets sandboxed code run amok on the host Node.js process.

Google Fixes Antigravity Flaw That Enabled Code Execution
Google's Antigravity tool, designed to streamline coding, had a flaw that allowed hackers to run malicious code - but luckily, the tech giant has patched the vulnerability. This fix prevents cyber threats that could have exploited the tool's file-creation capabilities and lax input sanitization.

Protobuf library flaw enables remote JavaScript code execution
A critical flaw in the popular protobuf.js library has been exposed, allowing hackers to execute JavaScript code remotely - and a proof-of-concept exploit has already been published, putting countless systems at risk.