The Hacker News

Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas

A critical Grist-Core flaw (CVE-2026-24002, CVSS 9.1) allows remote code execution through malicious formulas when Pyodide ...
Infosecurity Magazine

Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core

A critical sandbox escape vulnerability in Grist-Core has been disclosed that allows remote code execution (RCE) through a ...
TechRadar

This SmarterMail vulnerability allows Remote Code Execution - here's what we know

SmarterMail patched CVE-2025-52691, a maximum-severity RCE flaw allowing unauthenticated arbitrary file uploads Exploitation could let attackers deploy web shells or malware, steal data, and pivot ...
SecurityWeek

North Korean Hackers Target macOS Developers via Malicious VS Code Projects

North Korean hackers target macOS developers with malware hidden in Visual Studio Code task configuration files.

This WebUI vulnerability allows remote code execution - here's how to stay safe

Popular AI interface was plagued by an 8/10 bug, but a fix is now available.
DataBreachToday

Flaw in AI Libraries Exposes Models to Remote Code Execution

Researchers discovered remote code execution vulnerabilities in three AI libraries from Apple, Salesforce and Nvidia used by ...
CSOonline

React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web

The React 19 library for building application interfaces was hit with a remote code vulnerability, React2Shell, about a month ago. However, as researchers delve deeper into the bug, the larger picture ...