Tag: remote-code-execution
-
FFmpeg vulnerability ‘PixelSmash’ could enable RCE via video file
First seen on scworld.com Jump to article: www.scworld.com/news/ffmpeg-vulnerability-pixelsmash-could-enable-rce-via-video-file
-
Critical FFmpeg Vulnerability Lets Hackers Execute Remote Code via Malicious Media Files
A critical memory corruption vulnerability in FFmpeg has been disclosed, allowing for remote code execution through specially crafted media files. This flaw, tracked as CVE-2026-8461 and named “PixelSmash,” affects the MagicYUV decoder within FFmpeg’s libavcodec library and has a CVSS score of 8.8. Discovered by JFrog Security Research, the vulnerability arises from a heap out-of-bounds…
-
FFmpeg fixes PixelSmash flaw in widely used video decoder
A newly disclosed FFmpeg flaw dubbed ‘PixelSmash’ could be exploited for remote code execution on Jellyfin servers under certain conditions, and can also trigger a denial-of-service condition in applications like Kodi, Emby, Nextcloud, PhotoPrism, and OBS Studio. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ffmpeg-fixes-pixelsmash-flaw-in-widely-used-video-decoder/
-
Week in review: 74k Fortinet firewall credentials stolen, Splunk Enterprise RCE under active attack
Tags: attack, backdoor, breach, credentials, firewall, fortinet, Hardware, network, rce, remote-code-execution, WeeklyReviewHere’s an overview of some of last week’s most interesting news, articles, interviews and videos: A hardware neural network backdoor that hides in plain sight Deep learning … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/21/week-in-review-74k-fortinet-firewall-credentials-stolen-splunk-enterprise-rce-under-active-attack/
-
AutoJack Exploit Chain Hits Microsoft AutoGen Studio With Zero-Click RCE Attack
A critical exploit chain dubbed AutoJack that allows a single malicious web page to hijack Microsoft’s AutoGen Studio browsing agent and silently execute arbitrary code on the host machine, requiring no user interaction beyond submitting a URL. AutoJack targets AutoGen Studio, Microsoft Research’s open-source prototyping UI for multi-agent AI systems. The technique weaponizes the agent’s built-in web-browsing capabilities…
-
Unauthenticated RCE in Splunk Enterprise under active attack (CVE-2026-20253)
CISA has added CVE-2026-20253, a critical, remotely exploitable vulnerability in Splunk Enterprise, to its Known Exploited Vulnerabilities catalog, and ordered US federal … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/19/splunk-vulnerability-cve-2026-20253-exploited/
-
F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution
F5 has released security updates to address two critical security flaws in NGINX Open Source that could be exploited to achieve code execution on affected systems.The vulnerabilities are listed below – CVE-2026-42530 (CVSS v4 score: 9.2) – A use-after-free vulnerability in the ngx_http_v3_module that could be triggered by a remote unauthenticated attacker when NGINX Open…
-
F5 Patches NGINX Vulnerability Enabling Code Execution and DoS Attacks
F5 has released an out-of-band security notification addressing multiple high”‘severity vulnerabilities in NGINX components that can enable remote code execution (RCE) and denial”‘of”‘service (DoS) attacks in certain configurations, urging customers to patch or upgrade affected deployments immediately. On June 17, 2026, F5 issued an out-of-band security notification (K000161614) summarizing several high- and medium-severity flaws across…
-
Google Cloud Vertex AI Vulnerability Lets Attackers Take Over and Poison AI Models
A critical vulnerability in Google Cloud’s Vertex AI has been discovered, allowing attackers to hijack machine learning model uploads, poison artifacts, and achieve cross-tenant remote code execution (RCE) without any prior access to the victim’s environment. Dubbed “Pickle in the Middle” by researchers from Palo Alto Networks’ Unit 42, this flaw affects the Python SDK…
-
Google Cloud Vertex AI Vulnerability Lets Attackers Take Over and Poison AI Models
A critical vulnerability in Google Cloud’s Vertex AI has been discovered, allowing attackers to hijack machine learning model uploads, poison artifacts, and achieve cross-tenant remote code execution (RCE) without any prior access to the victim’s environment. Dubbed “Pickle in the Middle” by researchers from Palo Alto Networks’ Unit 42, this flaw affects the Python SDK…
-
CVE-2026-20253: Splunk Enterprise Pre-Authentication Remote Code Execution
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/cve-2026-20253-splunk-enterprise-pre-authentication-remote-code-execution
-
Jenkins RCE Flaw Exploited by Attackers in the Wild
A remote code execution (RCE) vulnerability in Jenkins, tracked as CVE-2026-53435, is now actively exploited in the wild. The flaw, stemming from insecure deserialization during Jenkins’ config.xml processing, allows unauthenticated or low-privileged attackers to execute arbitrary code on vulnerable instances, posing a severe risk to organizations that rely on the popular CI/CD automation server. Jenkins RCE Flaw…
-
Jenkins RCE Flaw Exploited by Attackers in the Wild
A remote code execution (RCE) vulnerability in Jenkins, tracked as CVE-2026-53435, is now actively exploited in the wild. The flaw, stemming from insecure deserialization during Jenkins’ config.xml processing, allows unauthenticated or low-privileged attackers to execute arbitrary code on vulnerable instances, posing a severe risk to organizations that rely on the popular CI/CD automation server. Jenkins RCE Flaw…
-
Critical Splunk Enterprise Pre-Auth RCE Chain Exposes Databases
Tags: api, authentication, cve, cvss, cyber, flaw, rce, remote-code-execution, service, vulnerabilityA critical pre-authentication remote code execution (RCE) vulnerability in Splunk Enterprise has been disclosed, carrying a near-perfect CVSS score of 9.8. Tracked asCVE-2026-20253, the flaw was published by Splunk on June 10, 2026, and affects thePostgreSQL Sidecar Serviceintroduced in Splunk version 10. The root cause of CVE-2026-20253 lies in the PostgreSQL Sidecar Service’s HTTP API…
-
Critical Splunk Enterprise Pre-Auth RCE Chain Exposes Databases
Tags: api, authentication, cve, cvss, cyber, flaw, rce, remote-code-execution, service, vulnerabilityA critical pre-authentication remote code execution (RCE) vulnerability in Splunk Enterprise has been disclosed, carrying a near-perfect CVSS score of 9.8. Tracked asCVE-2026-20253, the flaw was published by Splunk on June 10, 2026, and affects thePostgreSQL Sidecar Serviceintroduced in Splunk version 10. The root cause of CVE-2026-20253 lies in the PostgreSQL Sidecar Service’s HTTP API…
-
Oracle PeopleSoft RCE Flaw Used as Zero-Day in Ongoing ShinyHunters Campaign
Tags: advisory, breach, exploit, flaw, google, group, intelligence, mandiant, oracle, rce, remote-code-execution, threat, update, vulnerability, zero-dayShinyHunters exploited a critical Oracle PeopleSoft zero-day to breach over 100 organizations, mostly universities, before a patch was available. Mandiant and Google’s Threat Intelligence Group published an analysis of an active ShinyHunters campaign on June 11, one day after Oracle finally issued an advisory for the vulnerability being exploited. The gap matters: the activity ran…
-
Oracle PeopleSoft RCE Flaw Used as Zero-Day in Ongoing ShinyHunters Campaign
Tags: advisory, breach, exploit, flaw, google, group, intelligence, mandiant, oracle, rce, remote-code-execution, threat, update, vulnerability, zero-dayShinyHunters exploited a critical Oracle PeopleSoft zero-day to breach over 100 organizations, mostly universities, before a patch was available. Mandiant and Google’s Threat Intelligence Group published an analysis of an active ShinyHunters campaign on June 11, one day after Oracle finally issued an advisory for the vulnerability being exploited. The gap matters: the activity ran…
-
Attackers Can Exploit Microsoft Outlook and Word Flaws to Run Malicious Code
Microsoft has disclosed a set of critical remote code execution (RCE) vulnerabilities affecting Outlook and Word that could allow attackers to execute arbitrary code on targeted systems. The flaws, tracked as CVE-2026-45456, CVE-2026-45458, and CVE-2026-47635, were released on June 9, 2026, and carry high severity ratings with CVSS scores of 8.4. Security researchers warn that…
-
LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution
Cybersecurity researchers have disclosed details of three now-patched security flaws impacting LangGraph, including a critical vulnerability chain that could result in remote code execution.LangGraph is an open-source framework created by LangChain to build complex, stateful, and multi-agent artificial intelligence (AI) agentic applications.”An SQL injection in LangGraph’s function could First seen on thehackernews.com Jump to article:…
-
Oracle PeopleSoft Zero-Day RCE Vulnerability Exploited by ShinyHunters
Tags: cve, cvss, cyber, exploit, flaw, google, group, intelligence, mandiant, oracle, rce, remote-code-execution, threat, vulnerability, zero-dayA newly disclosed zero-day vulnerability in Oracle PeopleSoft is being actively exploited by the ShinyHunters threat group, according to a joint investigation by Mandiant and Google Threat Intelligence Group (GTIG). Tracked as CVE-2026-35273 with a critical CVSS score of 9.8, the flaw affects the Environment Management component and enables unauthenticated remote code execution. Researchers confirmed…
-
Oracle mitigates PeopleSoft zero-day exploited in data theft attacks
Oracle is warning about a critical PeopleSoft Suite zero-day vulnerability tracked as CVE-2026-35273 that allows unauthenticated remote code execution, with the flaw actively exploited in ShinyHunter data theft attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oracle-mitigates-peoplesoft-zero-day-exploited-in-data-theft-attacks/
-
CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release
Tags: cve, data-breach, exploit, flaw, injection, Internet, ivanti, remote-code-execution, threat, updateAttackers are exploiting the critical CVE-2026-10520 flaw in Ivanti Sentry, compromising many internet-exposed gateways shortly after patches were released. Threat actors have started exploiting a maximum-severity OS command injection flaw in Ivanti Sentry, tracked as CVE-2026-10520, that allows remote code execution with root privileges. >>An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote…
-
CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release
Tags: cve, data-breach, exploit, flaw, injection, Internet, ivanti, remote-code-execution, threat, updateAttackers are exploiting the critical CVE-2026-10520 flaw in Ivanti Sentry, compromising many internet-exposed gateways shortly after patches were released. Threat actors have started exploiting a maximum-severity OS command injection flaw in Ivanti Sentry, tracked as CVE-2026-10520, that allows remote code execution with root privileges. >>An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote…
-
Langflow Vulnerability CVE-2026-5027 Exploited for Unauthenticated RCE
A high-severity security flaw in Langflow, an open-source low-code platform to build artificial intelligence (AI) applications, has come under active exploitation in the wild, according to findings from VulnCheck.The vulnerability in question is CVE-2026-5027 (CVSS score: 8.8), a case of path traversal that could allow an attacker to write files to arbitrary locations.”The ‘POST /api/v2/…
-
From SQLi to RCE Exploiting LangGraph’s Checkpointer
y Yarden Porat AI agents need memory. Frameworks like LangGraph provide it through checkpointers persistence layers that store execution state. But what happens when that persistence layer isn’t locked down? Key Points Background LangGraph is an open-source framework for building stateful, multi-agent AI systems with built-in persistence. It’s an extension of LangChain, with over […]…
-
From SQLi to RCE Exploiting LangGraph’s Checkpointer
y Yarden Porat AI agents need memory. Frameworks like LangGraph provide it through checkpointers persistence layers that store execution state. But what happens when that persistence layer isn’t locked down? Key Points Background LangGraph is an open-source framework for building stateful, multi-agent AI systems with built-in persistence. It’s an extension of LangChain, with over […]…
-
Attackers Exploit Critical Langflow Flaw for Remote Code Execution
Attackers have begun actively exploiting a high-severity vulnerability in Langflow, tracked as CVE-2026-5027, which enables remote code execution via a path traversal flaw in the platform’s file upload functionality. The issue, disclosed by Tenable under advisory TRA-2026-26, affects the POST /api/v2/files endpoint, where improper sanitization of the filename parameter allows attackers to write arbitrary files anywhere on the underlying…
-
Attackers Exploit Critical Langflow Flaw for Remote Code Execution
Attackers have begun actively exploiting a high-severity vulnerability in Langflow, tracked as CVE-2026-5027, which enables remote code execution via a path traversal flaw in the platform’s file upload functionality. The issue, disclosed by Tenable under advisory TRA-2026-26, affects the POST /api/v2/files endpoint, where improper sanitization of the filename parameter allows attackers to write arbitrary files anywhere on the underlying…
-
Veeam Backup & Replication RCE Flaw Lets Domain Users Run Remote Code
Veeam has released security patches to address a critical flaw in its Backup & Replication software that could result in remote code execution.Tracked as CVE-2026-44963, the vulnerability carries a CVSS score of 9.4 out of a maximum of 10.0.”A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user,” Veeam…
-
Critical Veeam RCE Flaw Lets Low-Privilege Users Take Over Backup Servers
Veeam addressed a critical RCE vulnerability flaw in Backup & Replication that lets low-privileged domain users take control of backup servers. Veeam has patched a critical remote code execution vulnerability, tracked as CVE-2026-44963 (CVSS v4 Score of 9.4), affecting Backup & Replication version 12.x. The flaw could allow a low-privileged domain user to execute code on…