The Hacker News

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...
SecurityWeek

Splunk Enterprise Update Patches Code Execution Vulnerability

Splunk has released patches that resolve high- and medium-severity vulnerabilities in Splunk Enterprise and MCP Server.
The Hacker News

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

The cybersecurity company said the systemic vulnerability is baked into Anthropic's official MCP software development kit ...

PyTorch Foundation Announces Safetensors as Newest Contributed Project to Secure AI Model Execution

The PyTorch Foundation, a community-driven hub for open source AI under the Linux Foundation, today announced that ...
CRN

Microsoft Patches ‘Wormable’ Critical Flaw, Discloses ‘Whopping’ Number Of Bug Fixes

“Since there’s no user interaction, and since the code executes with elevated privileges, this bug falls into the wormable class of bugs.” Additionally, Microsoft “gives this [flaw] its highest ...

Are You Using the Right Claude Code Workflow? 5 Agentic Workflows Explained

Master Claude Code in 2026 with this complete guide to built-in sub-agents, operator patterns, and headless mode for ...