The D-Link EXO AX4800 (DIR-X4860) router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers by attackers with access to the HNAP port. The D-Link ...

Seven malicious PyPi packages were found using Gmail's SMTP servers and WebSockets for data exfiltration and remote command execution. The packages were discovered by Socket's threat research team, ...

CISA added CVE-2026-42271, a high-severity LiteLLM command injection flaw, to its KEV catalog after evidence of active ...

Splunk systems are at risk from a remote command execution (RCE) vulnerability. Tracked as CVE-2026-20163, the flaw allows bad actors to carry out arbitrary shell commands directly on the host ...

Organizations running Fortinet FortiWeb, the company’s web application firewall, face an immediate threat: a single crafted ...

rexec The rexec (remote execution) service offers remote command execution, similar to rsh. The only difference is that the user must supply a username and a password to execute a command using rexec.

Two OS command injection flaws can be exploited remotely, without authentication, for arbitrary code execution.

Fortinet, Ivanti, and SAP patched critical flaws up to CVSS 10.0, reducing RCE, admin takeover, and data exposure risks.

Cisco (Nasdaq:CSCO) is urging customers to patch for a maximum-severity flaw affecting its IOS XE Software for Wireless controllers. The flaw, tracked as CVE-2025-20188, received a severity rating of ...

Attackers can bypass WordPress authentication, run commands as an administrator, and then install malicious plugins on ...

Unsafe defaults in MCP configs open servers to possible remote code execution, as evidenced by several commercial services and open-source projects. AI agent building tools enable users to configure ...