RCE
(7 articles)
April 10, 2026
Marimo RCE CVE-2026-39987 Exploited in 10 Hours
The Marimo RCE flaw CVE-2026-39987 was exploited within 10 hours of disclosure. Learn how it works, what's at risk, and how to protect your stack now.
April 7, 2026
Flowise RCE CVE: 12,000+ Instances Under Attack
A CVSS 10.0 RCE flaw in Flowise AI Agent Builder is being actively exploited. Over 12,000 exposed instances face full remote takeover. Here's what you need to know.
March 26, 2026
CISA: New Langflow Flaw Actively Exploited to Hijack AI Workflows
CVE-2026-33017 in Langflow is being actively exploited for RCE - attackers went from advisory to full exploitation in under 24 hours. Here's what you need to know.
March 21, 2026
Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager
Oracle patches CVE-2026-21992, a critical unauthenticated RCE flaw in Identity Manager. Here's what happened and how to protect your stack now.
March 20, 2026
Oracle Pushes Emergency Fix for Critical Identity Manager RCE Flaw
Oracle drops an out-of-band patch for CVE-2026-21992, a CVSS 9.8 unauthenticated RCE bug in Identity Manager and Web Services Manager. Patch now.
March 20, 2026
Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
A critical PolyShell vulnerability in Magento allows unauthenticated file uploads, remote code execution, and full account takeover. Here's what you need to know.
March 19, 2026
New 'PolyShell' Flaw Allows Unauthenticated RCE on Magento E-Stores
The PolyShell vulnerability lets attackers execute code or hijack accounts on Magento stores without authentication - and exploit code is already circulating.