Technology ❯ Cybersecurity ❯ Threats

Remote Code Execution

Exploitation Techniques Buffer Overflow Denial of Service Exploits Zero-Day Exploits Privilege Escalation Use-After-Free Vulnerability Malicious Exploits Code Injection CVE-2025-30023 Keyloggers Vulnerabilities Authentication Bypass CVE-2026-20952 User Privilege Escalation CVE-2025-42944 CVE-2026-0300 CVE-2026-35616 CVE-2026-20160 Cross-Site Scripting CVE-2026-6973 Integer Overflow Heap Buffer Overflow ViewState Deserialization CVE-2025-59287 CVE-2025-54253 Outlook Exploits Exploitation CVE-2026-23918 RediShell Malicious Git Hooks CVE-2024-28986 Untrusted Data Deserialization CVE-2026-21858 Exploit CVE-2026-20841 SmarterMail Vulnerabilities in Routers Malicious Input API Security CVE-2026-21992 NGINX Vulnerability CVE-2026-20131

Google Rolls Out Chrome 148 to Fix 79 Flaws, Including 14 Critical

The patch closes holes that could let attackers run code, making a fast update the safest move.

Critical 'NGINX Rift' Bug in Rewrite Module Exposes Servers to Remote Code Execution

Microsoft’s May Patch Tuesday Fixes About 137 Flaws With No Zero-Days

Ivanti Patches EPMM Zero‑Day Under Active Exploitation as CISA Orders Fix by May 10

Google Patches Antigravity Flaw That Let Prompt Injection Break the Sandbox

Hackers Exploit Critical Ninja Forms File Uploads Flaw to Seize WordPress Sites

CISA Orders Rapid Fix for Actively Exploited Fortinet EMS Zero-Day

Cisco Releases Fixes for Critical IMC and SSM On-Prem Flaws Allowing Remote Admin and Root Access

Oracle Issues Emergency Patch for Critical RCE in Identity Manager and Web Services Manager

Claude Code Flaws Enabled RCE and API Key Theft via Malicious Repo Configs

Researchers Expose Critical Flaws in Popular VS Code Extensions Downloaded Over 125 Million Times

Ivanti Patches EPM as EPMM Exploitation Campaign Traces to Single Bulletproof-Hosted IP

CISA Forces Three-Day Patch for Actively Exploited SolarWinds Web Help Desk Flaw

Ivanti EPMM Zero-Day RCE Flaws Exploited as CISA Orders Rapid Mitigation

OpenSSL Patches 12 Flaws Found by AISLE in Coordinated January Update

Anthropic Patches Git MCP Server Flaws Enabling Prompt-Injection RCE

Critical 'Ni8mare' Flaw Exposes n8n Servers to Full Takeover as Scans Surge

Fluent Bit Flaws Disclosed, Patches Issued to Stop Log Tampering and RCE

CISA Sets Nov. 14 Deadline After Active Attacks on Critical WSUS Flaw

CISA Adds Actively Exploited Adobe AEM Forms Flaw to KEV Catalog