They're serious. Notices about arbitrary code execution (ACE) vulnerabilities appear just about every week in alerts from US-CERT — the United States Computer Emergency Readiness Team, a part of the ...

CISA has expanded the KEV catalog to include seven vulnerabilities, including Windows flaws that lead to privilege escalation ...

Cisco patches four CVEs up to CVSS 9.9 in ISE and Webex, preventing code execution and user impersonation risks.

Organizations are warned that a recently patched vulnerability affecting Apache ActiveMQ Classic is being exploited in the ...

An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four ...

Critical SAP, Adobe, Fortinet, and Microsoft flaws disclosed in April Patch Tuesday, enabling RCE and data theft risks.

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...

In late April 2026, a vulnerability disclosure quietly landed in the National Vulnerability Database that should unsettle ...

PandasAI, an open source project by SinaptikAI, has been found vulnerable to Prompt Injection attacks. An attacker with access to the chat prompt can craft malicious input that is interpreted as code, ...

A new vulnerability has been discovered in the R programming language that allows arbitrary code execution upon deserializing specially crafted RDS and RDX files. R is an open-source programming ...