remote code execution
-
Critical Telnet flaw allows pre-auth remote code execution as root
A Dream Security advisory disclosed CVE-2026-32746, a CVSS 9.8 buffer overflow in GNU inetutils telnetd that allows unauthenticated remote code execution as root. Maintainers were notified on March 11 and a patch was prepared the next day.
-
Critical pre-auth buffer overflow found in GNU InetUtils telnetd tracked as CVE-2026-32746
A pre-authentication buffer overflow in GNU InetUtils telnetd, tracked as CVE-2026-32746 and rated CVSS 9.8, can allow unauthenticated remote code execution as root. A fix is expected by April 1, 2026.
-
Critical unauthenticated RCE in Grandstream GXP1600 VoIP phones tracked as CVE-2026-2329
A critical unauthenticated buffer overflow in Grandstream GXP1600 VoIP phones, tracked as CVE-2026-2329 and scored 9.3, allows unauthenticated remote code execution as root. A vendor firmware update addresses the flaw.
-
In-the-wild exploitation observed for critical BeyondTrust RCE CVE-2026-1731
Researchers observed overnight exploitation attempts for CVE-2026-1731 targeting BeyondTrust Remote Support and Privileged Remote Access. The flaw is rated CVSS 9.9. Patches are available for affected versions and administrators should apply updates immediately.
-
Critical RCE flaw in WPvivid Backup & Migration affects more than 900,000 installs
A critical RCE vulnerability in the WPvivid Backup & Migration plugin impacts versions up to 0.9.123 and more than 900,000 installs. Upgrade to version 0.9.124 to remediate CVE-2026-1357.
-
Critical vulnerability CVE-2026-25049 in n8n could allow system command execution
A critical vulnerability, CVE-2026-25049, in the n8n workflow automation platform can enable authenticated users to run system commands. The flaw is rated CVSS 9.4 and is fixed in 1.123.17 and 2.5.2. Restrict workflow creation and apply patches.
-
NationStates confirms data breach after player gained server access
NationStates took its site offline on January 27, 2026 after an unauthorized user gained remote code execution on the production server and copied user data. Exposed items include email addresses and MD5 password hashes.
-
SmarterMail patched critical unauthenticated RCE and path coercion flaws
SmarterMail fixes address a critical unauthenticated remote code execution flaw, CVE-2026-24423, rated 9.3, and a medium-severity path coercion issue that can enable NTLM relay. Administrators should install the updated builds immediately.
-
Cellbreak Pyodide sandbox escape in Grist‑Core allows remote code execution
A Pyodide sandbox escape in Grist‑Core, CVE-2026-24002, can enable remote code execution and host runtime JavaScript. The flaw was fixed in version 1.7.9 on January 9, 2026. Update or set the sandbox to gvisor.








