Fortinet has released security patches for two critical vulnerabilities in FortiSandbox and FortiAuthenticator that could enable attackers to run commands or arbitrary code. Attackers are now actively ...

The D-Link EXO AX4800 (DIR-X4860) router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers by attackers with access to the HNAP port. The D-Link ...

A 9.9-severity vulnerability in Flowise’s MCP stdio implementation can allow attackers to achieve remote code execution in ...

rexec The rexec (remote execution) service offers remote command execution, similar to rsh. The only difference is that the user must supply a username and a password to execute a command using rexec.

Open source Git service Gogs is affected by a critical-severity zero-day vulnerability that exposes servers to remote code execution.

Splunk systems are at risk from a remote command execution (RCE) vulnerability. Tracked as CVE-2026-20163, the flaw allows bad actors to carry out arbitrary shell commands directly on the host ...

Proof-of-concept (PoC) code has been published for a one-click RCE vulnerability in open source LLM building platform Flowise.

Cisco (Nasdaq:CSCO) is urging customers to patch for a maximum-severity flaw affecting its IOS XE Software for Wireless controllers. The flaw, tracked as CVE-2025-20188, received a severity rating of ...

Unsafe defaults in MCP configs open servers to possible remote code execution, as evidenced by several commercial services and open-source projects. AI agent building tools enable users to configure ...

Universal Robots urges users to update PolyScope software following critical vulnerability ...