A high-severity security flaw in the Gogs Git service is being actively exploited, leading to remote code execution ...

They're serious. Notices about arbitrary code execution (ACE) vulnerabilities appear just about every week in alerts from US-CERT — the United States Computer Emergency Readiness Team, a part of the ...

Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to ...

A couple of other interesting bugs that Childs points out are these two, CVE-2026-20952 (CVSS 7.7) and CVE-2026-20953 (CVSS 7 ...

Computers connected to networks are constantly threatened by attackers who seek to exploit vulnerabilities wherever they can find them. This risk is particularly high for machines connected to the ...

Open WebUI, an open-source, self-hosted web interface for interacting with local or remote AI language models, carried a high ...

A critical code execution zero-day in all supported versions of Windows has been under active exploit for seven weeks, giving attackers a reliable means for installing malware without triggering ...

Google addressed a use-after-free bug in the WebGL (Web Graphics Library) component of the Google Chrome web browser that could lead to arbitrary code execution in the context of the browser's process ...

Japanese cybersecurity software firm Trend Micro has patched a critical security flaw in Apex Central (on-premise) that could allow attackers to execute arbitrary code with SYSTEM privileges.

The software giant released patches for four critical vulnerabilities and five different platforms. Adobe has released its scheduled July 2020 security updates, covering flaws in five different ...

Apple's iPhone has failed the security smell test. Researchers at Security Evaluators have found what is believed to be the first remote code execution flaw affecting the device -- a bug that can be ...