CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...

The cybersecurity company said the systemic vulnerability is baked into Anthropic's official MCP software development kit ...

Splunk has released patches that resolve high- and medium-severity vulnerabilities in Splunk Enterprise and MCP Server.

‘All versions of Red Hat Enterprise Linux (RHEL) are affected by [the vulnerabilities] but are not vulnerable in their default configurations,’ the IBM-owned company said. Red Hat warned Thursday that ...

Organizations are warned that a recently patched vulnerability affecting Apache ActiveMQ Classic is being exploited in the ...

Today is Microsoft's April 2026 Patch Tuesday with security updates for 167 flaws, including 2 zero-day vulnerabilities.

This month's Patch Tuesday includes an actively exploited Office zero-day vulnerability and several critical RCE bugs in ...

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

Microsoft has released its August 2025 Patch package, a cumulative set of updates addressing more than 100 vulnerabilities across a host of its products. Microsoft’s SharePoint Server Remote Code ...

Enterprises relying on Gladinet’s file-sharing services are faced with another round of zero-day patching, this time to block attackers from abusing cryptographic keys directly baked into its ...

Anthropic’s Claude Code now controls macOS apps with mouse, keyboard, and screenshots, plus remote actions via the new ...