HPE warns of maximum severity RCE flaw in OneView software
Hewlett Packard Enterprise (HPE) has patched a maximum-severity vulnerability in its HPE…
Cisco warns of unpatched AsyncOS zero-day exploited in attacks
Cisco warned customers today of an unpatched, maximum-severity Cisco AsyncOS zero-day actively…
SAP fixes three critical vulnerabilities across multiple products
SAP has released its December security updates addressing 14 vulnerabilities across a…
Windows PowerShell now warns when running Invoke-WebRequest scripts
Microsoft says Windows PowerShell now warns when running scripts that use the…
React2Shell critical flaw actively exploited in China-linked attacks
Multiple China-linked threat actors began exploiting the React2Shell vulnerability (CVE-2025-55182) affecting React…
Critical React, Next.js flaw lets hackers execute code on servers
A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows…
D-Link warns of new RCE flaws in end-of-life DIR-878 routers
D-Link is warning of three remotely exploitable command execution vulnerabilities that affect all…
RCE flaw in ImunifyAV puts millions of Linux-hosted sites at risk
The ImunifyAV malware scanner for Linux servers, used by tens of millions…
Popular JavaScript library expr-eval vulnerable to RCE flaw
A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly…