watchTowr Labs researcher Piotr Bazydlo said the newly uncovered bugs could be fashioned into an exploit chain by bringing together the pre-auth HTML cache poisoning vulnerability with a ...

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning of hackers exploiting an arbitrary code execution ...

CISA urges federal agencies to immediately patch an exploited arbitrary file write vulnerability in Git that leads to remote ...

A new public exploit chains two critical flaws in SAP NetWeaver, exposing unpatched instances to code execution attacks.

Commvault patched four flaws before 11.36.60, including CVE-2025-57790 (8.7 CVSS), preventing remote code execution.

On August 15, 2025, exploit code was released that chains two critical vulnerabilities in SAP NetWeaver’s Visual Composer to bypass authentication and achieve remote code execution.

A critical flaw in SAP NetWeaver AS Java is being widely exploited, allowing unauthenticated remote code execution ...

Researchers at Security Evaluators have found what is believed to be the first remote code execution flaw affecting the device -- a bug that can be used to take full control of an iPhone surfing ...

A hacker released what he claims is a zero-day exploit for older versions of the Parallels Plesk Panel, a popular Web hosting administration software package, that could allow attackers to inject ...

Researchers from Microsoft have demonstrated how programmable logic controllers (PLCs) that support the CODESYS runtime can be taken over by exploiting high-severity remote code execution (RCE ...

Researchers found four vulnerabilities in vRealize Log Insight that were relatively non-threatening on their own but lead to significant compromise when used together.

A critical code execution zero-day in all supported versions of Windows has been under active exploit for seven weeks, giving attackers a reliable means for installing malware without triggering ...