Another week, another emergency patch as Cisco plugs Unified Comms zero-day

The critical-rated flaw leaves unpatched systems open to full takeover Cisco has finally shipped a fix for a critical-rated ...
The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized ...
SecurityWeek

Anthropic MCP Server Flaws Lead to Code Execution, Data Exposure

Vulnerabilities in Anthropic MCP server could be exploited via prompt injections to execute arbitrary code and read/delete ...

This SmarterMail vulnerability allows remote code execution - here's what we know

A maximum-severity flaw was just patched, and users are urged to apply the fix immediately.

This WebUI vulnerability allows remote code execution - here's how to stay safe

Popular AI interface was plagued by an 8/10 bug, but a fix is now available.
The Hacker News

Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution

Fortinet patches a critical FortiSIEM vulnerability (CVE-2025-64155) that allows unauthenticated remote code execution via ...
Bleeping Computer

Google Chrome 85 fixes WebGL code execution vulnerability

Google addressed a use-after-free bug in the WebGL (Web Graphics Library) component of the Google Chrome web browser that could lead to arbitrary code execution in the context of the browser's process ...
Bleeping Computer

Apache fixes critical OFBiz remote code execution vulnerability

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.