A critical Telnet vulnerability with a CVSS rating of 9.8 enables attackers to take full control of affected systems before authentication even kicks in, security researchers at Dream Security have ...

A pre‑authentication bug in SAML Web SSO, combined with weak access controls and cryptography, allows attackers to escalate privileges and achieve remote code execution.

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

Reclassified as a remote code execution flaw, the F5 BIG-IP APM vulnerability has been upgraded to CVSS 9.8, requiring immediate patching and compromise assessment.

Adobe Reader zero-day exploited since Dec 2025 via malicious PDFs, enabling data theft and potential RCE, prompting urgent ...

Google adds a Rust-based DNS parser to Pixel 10 modem firmware, reducing memory vulnerabilities and strengthening defenses ...

Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.

An emerging threat cluster is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to steal credentials ...

Adobe patches a critical PDF flaw exploited for months, allowing attackers to bypass sandbox protections and deliver malware.

Microsoft has issued hotpatch KB5084597 for Windows 11, adding no-restart coverage for three previously disclosed remote code execution vulnerabilities in the Routing and Remote Access Service. The ...

Vulnerabilities in the Vim and GNU Emacs text editors, discovered using simple prompts with the Claude assistant, allow remote code execution simply by opening a file. The assistant also created ...