Trend Micro warns of critical Apex One code execution flaws

Trend Micro has patched two critical Apex One vulnerabilities that allow attackers to gain remote code execution (RCE) on ...
Bleeping Computer

Researchers to release PoC exploit for critical ManageEngine RCE bug, patch now

Proof-of-concept exploit code will be released later this week for a critical vulnerability allowing remote code execution (RCE) without authentication in several Zoho ManageEngine products. Tracked ...
ZDNet

VMware warns of critical remote code execution bug in Workspace ONE Access

VMware is urging customers to update their software to resolve critical vulnerabilities, including a remote code execution (RCE) bug in Workspace ONE Access. On Wednesday, the tech giant published a ...
ZDNet

Remote execution holes in Log4j, Exchange and Confluence lead Five Eyes 2021 exploited CVE list

During 2021, the top 15 vulnerabilities that were exploited -- as observed by the US Cybersecurity and Infrastructure Security Agency, US NSA, US FBI, the Australian Cyber Security Centre, the ...
Infosecurity-magazine.com

Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core

A critical sandbox escape vulnerability in Grist-Core has been disclosed that allows remote code execution (RCE) through a single malicious spreadsheet formula. The issue was uncovered by Cyera ...
CSOonline

Remote code execution flaws in Spring and Spring Cloud frameworks put Java apps at risk

A remote code execution vulnerability in Spring Framework has sparked fears that it could have a widespread impact across enterprise environments. Spring is one of the most popular open-source ...
Hosted on MSN

This WebUI vulnerability allows remote code execution - here's how to stay safe

Open WebUI carried CVE-2025-64496, a high-severity code injection flaw in Direct Connection features Exploitation could enable account takeover and RCE via malicious model URLs and Functions API ...
Infosecurity-magazine.com

Malicious Commands in GitHub Codespaces Enable RCE

A set of attack vectors in GitHub Codespaces have been uncovered that enable remote code execution (RCE) by opening a malicious repository or pull request. The findings by Orca Security, show how ...
Hosted on MSN

This SmarterMail vulnerability allows remote code execution - here's what we know

SmarterMail patched CVE-2025-52691, a maximum-severity RCE flaw allowing unauthenticated arbitrary file uploads Exploitation could let attackers deploy web shells or malware, steal data, and pivot ...
Neowin

Microsoft Office, Excel, Word, Outlook 2013/2016 were vulnerable to Spoofing, Code Execution0 0

Microsoft, earlier this week, released its August Patch Tuesday updates for Windows 10 (KB5029244) and Windows 11 (KB5029263/KB5029253) and also Servers. The one for 10 finally fixed an Intel DirectX ...
Dark Reading

Zimbra RCE Bug Under Active Attack

Administrators running Zimbra servers are being warned to update their systems with the "pax" utility by researchers, who have observed cyberattackers actively attempting to exploit a known flaw.