Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution
Palo Alto Networks has released an advisory warning that a critical buffer overflow vulnerability in its PAN-OS software has been exploited in the wild. The ...
MITRE ATT&CK Mapping
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
T1190 — Exploit Public-Facing Application (Initial Access)
Clear filter186 articles found
Attackers Actively Exploiting Critical Vulnerability in Breeze Cache Plugin
On April 22nd, 2026, we publicly disclosed a critical Arbitrary File Upload vulnerability in Breeze Cache, a WordPress plugin with an estimated 400,000 activ...
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP Server, including a severe vulnera...
Critical Android vulnerability CVE-2026-0073 fixed by Google
Google patched a critical Android flaw (CVE‑2026‑0073) that lets attackers run code remotely without user action. Google released a security update for Andro...
MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks
Threat actors are actively exploiting a critical security flaw impacting an open-source content management system (CMS) known as MetInfo, according to new fi...
Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API
A critical security vulnerability in Weaver (Fanwei) E-cology, an enterprise office automation (OA) and collaboration platform, has come under active exploit...
ZDI-26-307: FlowiseAI Flowise Airtable_Agent Code Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Flowise. Authentication is not required to exploit this vul...
[webapps] FUXA 1.2.8 - Authentication Bypass + RCE Exploit
FUXA 1.2.
[webapps] SumatraPDF 3.5.2 - Remote Code Execution
SumatraPDF 3.5.
[webapps] Frigate NVR 0.16.3 - Remote Code Execution
Frigate NVR 0.16.
[webapps] Erugo 0.2.14 - Remote Code Execution (RCE)
Erugo 0.2.
[local] OpenWrt 23.05 - Authenticated Remote Code Execution (RCE)
OpenWrt 23.
[webapps] GUnet OpenEclass E-learning platform < 4.2 - Remote Code Execution (RCE)
GUnet OpenEclass E-learning platform < 4.
[webapps] JuzaWeb CMS 3.4.2 - Authenticated Remote Code Execution
JuzaWeb CMS 3.4.
Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that could allow an a...
Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote atta...
Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging Face's open-source robotics platform with nearly 24,0...
ZDI-26-304: Foxit PDF Reader AcroForm Annotation Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit t...
ZDI-26-302: Foxit PDF Reader AcroForm Signature Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit t...
ZDI-26-301: Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit t...