Oracle fixes CVE-2026-21992 (CVSS 9.8) flaw enabling unauthenticated RCE via HTTP, risking full system compromise.

Oracle has released an out-of-band security update to fix a critical unauthenticated remote code execution vulnerability in Identity Manager and Web Services Manager tracked as CVE-2026-21992.

The flaw in a legacy Telnet implementation enables pre-auth remote code execution, exposing affected systems to full compromise.

A newly disclosed vulnerability tracked as CVE-2026-32746 has put a spotlight back on a service most security teams would rather ...

The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in ...

Veeam fixes 7 Backup & Replication flaws, including CVSS 9.9 RCE bugs, warning attackers may exploit unpatched systems.

GoogleのセキュリティアナリストチームであるProject Zeroは3月16日(米国時間)、「Project Zero: Multiple Internet to Baseband Remote Code Execution Vulnerabilities in Exynos ...

Security experts have identified three critical vulnerabilities in Anthropic's Claude Code, potentially allowing remote code execution and API key theft. Attackers could exploit malicious ...

IBMは10月17日(米国時間)、「Analysis of a Remote Code Execution (RCE) Vulnerability in Cobalt Strike 4.7.1」において、「Cobalt Strike 4.7.1」にリモートコード実行(RCE: Remote Code Execution)の脆弱性が存在すると伝えた。Cobalt Strike ...