A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI ...

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code to escape the container and do nasty things to IT environments. As a result, ...

A 9.9-severity vulnerability in Flowise’s MCP stdio implementation can allow attackers to achieve remote code execution in ...

An unpatched zero-day vulnerability in the Gogs self-hosted Git service can allow attackers to gain remote code execution (RCE) on Internet-facing instances. Designed as an alternative to GitHub ...

Google has accidentally leaked details about an unfixed issue in Chromium that keeps JavaScript running in the background even when the browser is closed, allowing remote code execution on the device.

GitHub has patched a high-severity remote code execution vulnerability that allowed anyone with push access to a private repository to run arbitrary commands on the platform’s own servers. The flaw, ...

Open source Git service Gogs is affected by a critical-severity zero-day vulnerability that exposes servers to remote code execution.

Data resilience solutions provider Veeam Software released a critical patch for its Veeam Backup & Replication product. The update fixes a deserialization issue that can result in remote code ...

A critical remote code execution vulnerability was discovered using an AI model and patched within hours. A critical remote code execution vulnerability was discovered using an AI model and patched ...