Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 ...

Claude Code would execute hidden code from untrusted projects before any user confirmation, Check Point reports.

Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential ...

Broadcom has released patches for several vulnerabilities affecting VMware Aria Operations, including high-severity flaws.

Juniper Networks released an out-of-band update for its Junos OS Evolved network operating system to patch a critical vulnerability.

Trend Micro has patched two critical Apex One vulnerabilities that allow attackers to gain remote code execution (RCE) on vulnerable Windows systems.

データセキュリティプラットフォーム・Cyeraの研究チームが、ノーコードでワークフローを自動化するツール「n8n」で、認証不要のリモートコード実行を可能にするn8nの重大な脆弱(ぜいじゃく)性「Ni8mare(CVE-2026-21858)」を発見しました。 Ni8mare ...

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...

Enterprises relying on Gladinet’s file-sharing services are faced with another round of zero-day patching, this time to block attackers from abusing cryptographic keys directly baked into its ...