Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 ...

SolarWinds fixes four critical CVSS 9.1 vulnerabilities in Serv-U 15.5 that could allow root code execution with ...

Users could be tricked into running arbitrary code, but the issue was patched last week.

SolarWinds has patched four critical Serv-U remote code execution vulnerabilities that could grant attackers root access to unpatched servers.

Fortinet has fixed nine vulnerabilities, including high-severity command execution and authentication bypass flaws.

A new vulnerability has been discovered in the R programming language that allows arbitrary code execution upon deserializing specially crafted RDS and RDX files. R is an open-source programming ...

Broadcom has released patches for several vulnerabilities affecting VMware Aria Operations, including high-severity flaws.

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.

A zero-click flaw in Anthropic’s Claude Desktop Extensions allows attackers to trigger remote code execution via Google Calendar events.

Notepad++ improves security mechanisms and closes a new vulnerability that allows attackers to execute malicious code.

PandasAI, an open source project by SinaptikAI, has been found vulnerable to Prompt Injection attacks. An attacker with access to the chat prompt can craft malicious input that is interpreted as code, ...

TL;DR: WinRAR has a critical security vulnerability (CVE-2025-6218) allowing remote code execution via directory traversal in Windows versions. This exploit risks sensitive data and system integrity.