Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to ...

Singapore’s CSA warns of a CVSS 10.0 SmarterMail vulnerability allowing unauthenticated remote code execution via file upload ...

Hewlett Packard Enterprise (HPE) has patched a maximum-severity vulnerability in its HPE OneView software that enables attackers to execute arbitrary code remotely.

Microsoft has released its August 2025 Patch package, a cumulative set of updates addressing more than 100 vulnerabilities across a host of its products. Microsoft’s SharePoint Server Remote Code ...

WatchGuard has warned customers to patch a critical, actively exploited remote code execution (RCE) vulnerability in its ...

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately.

A new report out today from artificial intelligence security startup Cyata Security Ltd. details a critical remote code execution vulnerability in Cursor Inc.’s integrated development environment that ...

HPE has released patches for a critical-severity OneView vulnerability that could lead to unauthenticated remote code execution.

Critical n8n flaw CVE-2025-68613 (CVSS 9.9) lets authenticated users run arbitrary code; versions 0.211.0–1.120.4 affected, ...

ESET researchers provide a comprehensive analysis and assessment of a critical severity vulnerability with low likelihood of ...

December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.

Remote code execution vulnerabilities pose especially critical threats to organizations, and VMware’s stronghold in data centers worldwide give patching these flaws particular urgency. VMware fixed ...