Fortinet has issued urgent security patches to address two serious vulnerabilities in its FortiSandbox and FortiAuthenticator products. These flaws could allow attackers to execute commands or arbitrary code, posing a significant risk to organizations using these systems. The vulnerabilities affect both security and authentication processes, making them critical to address promptly. Users and administrators are advised to apply the patches immediately to protect their environments from potential exploitation. This situation underscores the need for ongoing vigilance in managing software security and ensuring systems are updated.
Articles tagged "RCE"
Found 87 articles
Researchers conducting a security assessment of Kaspersky USB Redirector discovered a critical remote code execution (RCE) vulnerability in the xrdp server component, identified as CVE-2025-68670. This vulnerability allows attackers to execute arbitrary code on affected systems before authentication, which poses a significant risk. Fortunately, project maintainers acted quickly to patch the vulnerability, reducing the potential for exploitation. Users of xrdp should ensure they apply the latest updates to protect their systems. This incident underscores the importance of regular security assessments and timely patch management to defend against emerging threats.
Security Affairs
Apache has released updates to address multiple vulnerabilities in its HTTP Server, including a serious flaw identified as CVE-2026-23918. This vulnerability, which has a CVSS score of 8.8, is a double-free error in the handling of HTTP/2 requests. If exploited, it could allow attackers to execute arbitrary code on affected systems. Organizations using Apache HTTP Server, particularly those enabling HTTP/2, should prioritize updating their software to mitigate this risk. The nature of the flaw makes it critical for system administrators to be proactive in applying the latest patches to safeguard against potential attacks.
Palo Alto Networks has issued a warning regarding a serious, unpatched vulnerability in the User-ID Authentication Portal of its PAN-OS. This flaw, categorized as a remote code execution (RCE) vulnerability, is currently being exploited in real-world attacks, putting users at significant risk. Organizations using affected versions of PAN-OS should be particularly vigilant as attackers may leverage this weakness to gain unauthorized access to systems. It's crucial for companies to assess their firewall configurations and implement necessary security measures to protect against potential breaches. The situation underscores the need for prompt action in addressing vulnerabilities as they arise.
A critical vulnerability in the Weaver E-cology platform has been identified, allowing remote code execution (RCE) that could expose sensitive enterprise workflows and data. This flaw poses a significant risk to organizations using the software, as attackers can exploit it to gain unauthorized access to critical systems and information. The vulnerability is currently being actively exploited, which raises immediate concerns for businesses that rely on Weaver E-cology for their operations. Security experts are urging affected users to take swift action to mitigate the risks associated with this flaw. The situation underscores the need for organizations to remain vigilant and proactive in addressing security vulnerabilities.
Researchers from Striga have identified two vulnerabilities in Ollama’s Windows auto-updater, designated as CVE-2026-42248 and CVE-2026-42249. When exploited together, these flaws could enable an attacker to install a persistent executable that would run every time a user logs in. Ollama is an open-source tool used for running large language models locally, appealing to users concerned about data privacy and cost. This discovery raises significant security concerns, as it could allow unauthorized access to user systems, potentially compromising sensitive data. Users of Ollama should be particularly vigilant and consider the implications of these vulnerabilities on their security posture.
The Hacker News
A serious vulnerability has been discovered in Weaver E-cology, an enterprise office automation platform. This flaw, identified as CVE-2026-22679, allows attackers to execute code remotely without authentication. It affects versions of Weaver E-cology prior to 10.0.20260312 and has a high severity score of 9.8, indicating its potential for significant impact. The issue is actively being exploited in the wild, putting users and organizations at risk of unauthorized access and control over their systems. Companies using this software should prioritize updating to the latest version to protect against these attacks.
A new botnet is targeting gaming servers by exploiting misconfigured Jenkins installations. Attackers accessed the Jenkins server through a vulnerability in the scriptText endpoint, which allowed them to execute remote code using a Groovy script. This incident raises concerns for gaming companies and server administrators, as it can lead to unauthorized access and potential service disruptions. Organizations using Jenkins need to ensure their configurations are secure to prevent similar attacks. The exploitation of this vulnerability could have significant implications for the security of gaming platforms and user data.
Hackers are taking advantage of two vulnerabilities in the Qinglong task scheduler, which is an open-source tool used by developers. These vulnerabilities allow attackers to bypass authentication, leading to unauthorized access. Once inside, the hackers deploy cryptominers on the affected servers, which can significantly drain resources and potentially compromise sensitive data. This situation poses a severe risk to developers and organizations using Qinglong, as it not only affects system performance but also raises concerns about data security. Users of this tool should take immediate action to secure their systems to prevent exploitation.
The Hacker News
Researchers have identified a serious security flaw in GitHub.com and GitHub Enterprise Server, designated CVE-2026-3854, which could enable an authenticated user to execute arbitrary code remotely with just a single 'git push' command. This command injection vulnerability has a CVSS score of 8.7, indicating its severity. If exploited, it could allow attackers with repository push access to take control over affected systems. This issue affects both individual developers and organizations using GitHub for version control, highlighting the need for immediate awareness and action. Users are advised to monitor their repositories closely and apply any recommended patches as they become available.
The Hacker News
A serious security flaw has been identified in LeRobot, Hugging Face's open-source robotics platform, which has garnered nearly 24,000 stars on GitHub. The vulnerability, designated as CVE-2026-25874, has a high severity score of 9.3 and allows attackers to exploit untrusted data deserialization, potentially leading to remote code execution without authentication. This flaw poses a significant risk to developers and organizations using LeRobot, as it could allow unauthorized access and control over their systems. Researchers are urging users to take immediate action to safeguard their implementations, given the potential for widespread exploitation. The details of the flaw emphasize the importance of security diligence in open-source projects.
A new campaign linked to the Mirai malware is exploiting a serious command-injection vulnerability in D-Link DIR-823X routers, identified as CVE-2025-29635. This vulnerability allows attackers to take control of the routers and integrate them into a botnet. Users of these routers are at risk as their devices can be hijacked for malicious purposes, including launching distributed denial-of-service (DDoS) attacks. This situation is particularly concerning since the affected routers are at the end of their life cycle, meaning they are unlikely to receive security updates. It’s crucial for users to be aware of this exploit and take necessary precautions to secure their networks.
Hackread – Cybersecurity News, Data Breaches, AI and More
Hackers are currently exploiting a vulnerability in ShowDoc, identified as CVE-2025-0520, which was discovered five years ago. This flaw allows attackers to deploy web shells, enabling remote code execution (RCE) and complete server takeovers on affected systems. The exploitation of this vulnerability is happening globally, impacting various organizations that use ShowDoc. It’s crucial for users and companies to address this issue promptly to prevent unauthorized access and potential data breaches. Security teams should prioritize patching their systems to mitigate the risk posed by this vulnerability.
The Hacker News
This week saw several notable cybersecurity incidents, including a zero-day vulnerability affecting Microsoft Defender. Attackers are exploiting this flaw to bypass security measures, putting users at risk. Additionally, SonicWall reported a brute-force attack targeting their products, which could compromise user accounts. In another concerning development, a 17-year-old remote code execution (RCE) vulnerability in Microsoft Excel remains a threat, proving that outdated software can still be a significant risk. These incidents emphasize the need for organizations to stay vigilant and ensure their systems are updated and secure.
A serious vulnerability has been discovered in ShowDoc, an online tool used by IT teams for document sharing and collaboration. This flaw, identified as CVE-2025-0520, allows attackers to execute remote code on unpatched servers, posing a significant risk to organizations that have not updated their systems. With a CVSS score of 9.4, this remote code execution vulnerability is currently being exploited in the wild, meaning that attackers are actively taking advantage of it. Companies using ShowDoc need to prioritize patching their servers to protect against potential breaches and unauthorized access to sensitive information. Failing to address this issue could lead to severe consequences for affected organizations.