The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns of active exploitation of the Apache ActiveMQ vulnerability (CVE-2026-34197). CISA added the vulnerability to its Known Exploited Vulnerabilities Catalog, urging users to patch before April 30, 2026. Successful exploitation of the vulnerability may allow an attacker to execute arbitrary code on vulnerable installations.
Tag: Remote Code Execution Vulnerability
N8n Patches Critical Remote Code Execution Vulnerability (CVE-2026-33660)
N8n is vulnerable to a critical remote code execution flaw. Tracked as CVE-2026-33660, the vulnerability has a CVSS score of 9.4. Successful exploitation of this vulnerability may allow an authenticated attacker to execute arbitrary commands on the target system.
Cisco Patches Secure Firewall Management Center Software Vulnerabilities (CVE-2026-20079 & CVE-2026-20131)
Cisco released security updates to address two critical-severity vulnerabilities impacting the Secure Firewall Management Center Software. Successful exploitation of the vulnerabilities may lead to code execution.
CISA Added BeyondTrust Vulnerability to its Known Exploited Vulnerabilities Catalog (CVE-2026-1731)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns about an actively exploited vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products. Tracked as CVE-2026-1731, successful exploitation of the vulnerability could allow an unauthenticated remote attacker to achieve remote code execution by sending specially crafted requests. CISA urged users to patch the vulnerability before February 16, 2026. BeyondTrust mentioned in the advisory, … Continue reading “CISA Added BeyondTrust Vulnerability to its Known Exploited Vulnerabilities Catalog (CVE-2026-1731)”
N8n Warns of Remote Code Execution Vulnerability (CVE-2026-21877)
N8n is vulnerable to a maximum severity flaw that could allow an authenticated attacker to execute arbitrary code with the privileges of the n8n process. Tracked as CVE-2026-21877, the vulnerability has a CVSS score of 10. Under certain conditions, an authenticated user may cause untrusted code to be executed by the n8n service. This could … Continue reading “N8n Warns of Remote Code Execution Vulnerability (CVE-2026-21877)”
Cisco Addresses Remote Code Execution Vulnerabilities in Unified Contact Center Express (CVE-2025-20354 & CVE-2025-20358)
Cisco Unified CCX is vulnerable to two security vulnerabilities that could allow an unauthenticated, remote attacker to upload arbitrary files, bypass authentication, execute arbitrary commands, and elevate privileges to root. Tracked as CVE-2025-20354 & CVE-2025-20358, both vulnerabilities have critical severity ratings.
Oracle E-Business Suite Remote Code Execution Vulnerability Exploited in the Wild (CVE-2025-61882)
Oracle released a security advisory to address a critical zero-day vulnerability impacting the E-Business Suite. Tracked as CVE-2025-61882, the vulnerability has a CVSS score of 9.8. Successful exploitation of the vulnerability may allow an attacker to achieve remote code execution. Security reports suggest the vulnerability is actively exploited in Clop data theft attacks.
Cisco IOS and IOS XE Software Vulnerability Exploited in the Wild (CVE-2025-20352)
Cisco released a security advisory to address an actively exploited vulnerability, tracked as CVE-2025-20352, impacting Cisco IOS and IOS XE Software. Successful exploitation of the vulnerability may allow a low-privileged attacker to cause the affected system to reload, resulting in a DoS condition. A high-privileged attacker may execute arbitrary code as the root user and … Continue reading “Cisco IOS and IOS XE Software Vulnerability Exploited in the Wild (CVE-2025-20352)”
SolarWinds Web Help Desk Remote Code Execution Vulnerability (CVE-2025-26399)
SolarWinds released a security advisory to address a critical severity vulnerability impacting its Web Help Desk software. Tracked as CVE-2025-26399, the vulnerability has a CVSS score of 9.8. Successful exploitation of this vulnerability may allow an unauthenticated attacker to execute arbitrary code on the target system.
CISA Warns of Sitecore Experience Platform Zero-day Vulnerability (CVE-2025-53690)
Threat attackers exploit a zero-day vulnerability in Sitecore Experience Manager (XM) and Sitecore Experience Platform (XP) tracked as CVE-2025-53690. The vulnerability has a critical severity rating with a CVSS score of 9.0. Successful exploitation of the vulnerability may lead to remote code execution and unauthorized access to information. Mandiant Threat Defense identified active exploitation of … Continue reading “CISA Warns of Sitecore Experience Platform Zero-day Vulnerability (CVE-2025-53690)”