The DuneSlide vulnerabilities enable zero-click prompt injection attacks that escape Cursor's sandbox and execute arbitrary code on the underlying operating system.
The D-Link EXO AX4800 (DIR-X4860) router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers by attackers with access to the HNAP port. The D-Link ...
Hackers exploited a vulnerability in PTC Windchill in the wild, marking the first confirmed real-world abuse of the PLM ...
LevelBlue says QuimaRAT uses encrypted plugins, OS-specific persistence, and JNA libraries to control Windows, Linux, and ...
Security vulnerabilities in the self-hosting platform offer attack possibilities with low, albeit narrowly defined, access ...
Cisco is warning of multiple critical remote code execution zero-days in the web-based management interface of the end-of-life Small Business SPA 300 and SPA 500 series IP phones. The vendor has not ...
Sentire says attacks began June 29 against a CVSS 9.6 OS command injection flaw that enables unauthenticated code execution.
A new report out today from Swiss artificial intelligence-powered managed extended detection and response company Ontinue AG warns of the growing abuse of Nezha, a legitimate open-source server ...
Splunk systems are at risk from a remote command execution (RCE) vulnerability. Tracked as CVE-2026-20163, the flaw allows bad actors to carry out arbitrary shell commands directly on the host ...
Unsafe defaults in MCP configs open servers to possible remote code execution, as evidenced by several commercial services and open-source projects. AI agent building tools enable users to configure ...
Cisco (Nasdaq:CSCO) is urging customers to patch for a maximum-severity flaw affecting its IOS XE Software for Wireless controllers. The flaw, tracked as CVE-2025-20188, received a severity rating of ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results