Hackers exploited a vulnerability in PTC Windchill in the wild, marking the first confirmed real-world abuse of the PLM ...

A newly disclosed FFmpeg flaw dubbed 'PixelSmash' could be exploited for remote code execution on Jellyfin servers under ...

F5 fixes CVE-2026-42530 and CVE-2026-42055 in NGINX Open Source, addressing HTTP/3 and HTTP/2 flaws that could allow remote ...

Splunk issued security updates for a critical CVSS 9.8 vulnerability in Splunk Enterprise that allows unauthenticated remote ...

A critical vulnerability in the FFmpeg media processing framework allows attackers to execute arbitrary code via malicious ...

A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI supply chain risks.

An out-of-bounds write vulnerability with a 9.2 severity score allows attackers to achieve remote code execution. A secondary high-severity flaw enables malicious SSH servers to cause client CPU ...

GitHub has patched a high-severity remote code execution vulnerability that allowed anyone with push access to a private repository to run arbitrary commands on the platform’s own servers. The flaw, ...

Attackers can bypass WordPress authentication, run commands as an administrator, and then install malicious plugins on ...

An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for denial of service and, under certain conditions, remote code execution.

CVE-2026-20230, a recently patched vulnerability affecting Cisco’s Unified Communications Manager, is being exploited in ...