The Hacker News

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...
The Hacker News

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

The cybersecurity company said the systemic vulnerability is baked into Anthropic's official MCP software development kit ...
SecurityWeek

Recent Apache ActiveMQ Vulnerability Exploited in the Wild

Organizations are warned that a recently patched vulnerability affecting Apache ActiveMQ Classic is being exploited in the ...
SecurityWeek

Splunk Enterprise Update Patches Code Execution Vulnerability

Splunk has released patches that resolve high- and medium-severity vulnerabilities in Splunk Enterprise and MCP Server.
Hackaday

Remote Code Execution On An Oscilloscope

There are a huge number of products available in the modern world that come with network connectivity now, when perhaps they might be better off with out it. Kitchen appliances like refrigerators are ...
CRN

Red Hat Warns About Remote Code Execution Flaws Impacting Enterprise Linux

‘All versions of Red Hat Enterprise Linux (RHEL) are affected by [the vulnerabilities] but are not vulnerable in their default configurations,’ the IBM-owned company said. Red Hat warned Thursday that ...
CSOonline

Remote code execution flaws in Spring and Spring Cloud frameworks put Java apps at risk

A remote code execution vulnerability in Spring Framework has sparked fears that it could have a widespread impact across enterprise environments. Spring is one of the most popular open-source ...