remote code execution
-
Critical LeRobot flaw could let attackers run code on robotics systems
A critical flaw in Hugging Face’s LeRobot robotics platform could let an unauthenticated attacker run code on affected systems. The issue is tracked as CVE-2026-25874 and remains unpatched, with a fix planned for version 0.6.0.
-
Google patched Antigravity sandbox escape bug after prompt injection research
Google fixed an Antigravity vulnerability after researchers said prompt injection could combine with a file-creation capability to bypass secure mode and enable remote code execution in the AI developer tool.
-
Researchers flag MCP design flaw that could enable remote code execution
Researchers said a design flaw in Anthropic’s Model Context Protocol could allow remote code execution across thousands of servers and packages, exposing sensitive data and widening AI supply chain risk.
-
ShowDoc flaw under active exploitation as users urged to update
A critical ShowDoc flaw tracked as CVE-2025-0520 is being actively exploited, with attackers using it to drop web shells on a U.S. honeypot. The bug affects older versions of the software and was fixed in 2020.
-
Critical Marimo flaw exploited within 10 hours of disclosure
A critical Marimo Python notebook flaw was exploited less than 10 hours after disclosure, with attackers gaining shell access and stealing credentials from a vulnerable instance in under three minutes, according to a technical analysis from Sysdig.
-
13-year-old ActiveMQ flaw lets attackers run commands remotely
Researchers found a 13-year-old remote code execution flaw in Apache ActiveMQ Classic that can let attackers run commands. The bug affects versions before 5.19.4 and some 6.x releases, and Apache has already released fixes.
-
Hackers exploit critical Ninja Forms WordPress flaw, Wordfence says
Hackers are exploiting a critical flaw in the Ninja Forms File Uploads WordPress add-on that can allow arbitrary file uploads and remote code execution. Wordfence said it blocked more than 3,600 attacks in 24 hours, and the vendor has released a fix.
-
Flowise flaw under active exploitation after critical code injection report
Threat actors are exploiting a critical Flowise code injection flaw, according to a technical analysis from VulnCheck. The issue can lead to remote code execution, and Flowise fixed it in version 3.0.6.
-
Claude-assisted analysis finds Vim and Emacs flaws that can run code when files open
Researchers using Claude found remote code execution flaws in Vim and GNU Emacs that can trigger when a file is opened. Vim has been patched, while the Emacs issue remains unresolved.
-
Critical Langflow RCE CVE-2026-33017 Exploited Within 20 Hours of Disclosure
A critical unauthenticated RCE in Langflow, CVE-2026-33017 (CVSS 9.3), was disclosed on March 17, 2026 and exploited within 20 hours. Users should apply patches, rotate secrets and restrict network access to public instances.
