CSOonline

Veeam issues patch for critical RCE bug

Veeam is warning its customers of two vulnerabilities, of which one is a critical RCE bug, affecting the Service Provider Console (VSPC), a web-based management platform for managed service providers ...

This WebUI vulnerability allows remote code execution - here's how to stay safe

Open WebUI, an open-source, self-hosted web interface for interacting with local or remote AI language models, carried a high ...
InfoWorld

Open WebUI bug turns the ‘free model’ into an enterprise backdoor

The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...
Bleeping Computer

Veeam warns of critical RCE bug in Service Provider Console

Veeam released security updates today to address two Service Provider Console (VSPC) vulnerabilities, including a critical remote code execution (RCE) discovered during internal testing. VSPC, ...
Hosted on MSN

Infoseccers criticize Veeam over critical RCE vulnerability and a failing blacklist

In patching the latest critical remote code execution (RCE) bug in Backup and Replication, software shop Veeam is attracting criticism from researchers for the way it handles uncontrolled ...
Dark Reading

Exploit for Fortinet Critical RCE Bug Allows SIEM Root Access

A proof-of-concept exploit (PoC) for a critical vulnerability in Fortinet's FortiSIEM product has emerged, paving the way for broad exploitation. The vulnerability, tracked under CVE-2024-23108, was ...
Infosecurity-magazine.com

SolarWinds Urges Upgrade After Revealing Critical RCE Bug

IT management software provider SolarWinds has urged customers to immediately patch a critical vulnerability in its Web Help Desk platform. CVE-2024-28986 is a Java deserialization remote code ...
Infosecurity-magazine.com

Single RCE Bug Features Among 60 CVEs in March Patch Tuesday

Microsoft fixed 60 vulnerabilities in this month’s Patch Tuesday security update round, including just two critical bugs. These both affect Windows Hyper-V. CVE-2024-21407 enables attackers to escape ...
Bleeping Computer

Latest Remote Code Execution news

Four zero-day vulnerabilities found in an IBM enterprise security software were disclosed today by a security researcher after IBM refused to fix them and to accept the vulnerability report sent via ...
TechRadar

WatchGuard Firebox OS forced to patch worrying security flaw, so update now

WatchGuard patches critical RCE flaw (CVE‑2025‑14733) in Firebox firewalls, being actively exploited in the wild CISA added it to KEV; federal agencies must patch or stop use by December 26 ...
SDxCentral

VMware Fixes Critical Remote Code Execution Bug in vCenter Server

Remote code execution vulnerabilities pose especially critical threats to organizations, and VMware’s stronghold in data centers worldwide give patching these flaws particular urgency. VMware fixed ...