Tom's Hardware on MSN

Anthropic's model context protocol includes a critical remote code execution vulnerability

A design choice in the MCP SDKs allows remote code execution across the AI supply chain.
The Hacker News

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...
The Hacker News

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...
CSO Online

Riddled with flaws, serial-to-Ethernet converters endanger critical infrastructure

Remote terminal units, PLCs, PoS systems, and bedside patient monitors may be susceptible to remote code execution, ...
SecurityWeek

Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster

Progress has released patches for multiple remote code execution and OS command injection flaws in MOVEit WAF and LoadMaster.

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...
Bleeping Computer

ASUS routers vulnerable to critical remote code execution flaws

Three critical-severity remote code execution vulnerabilities impact ASUS RT-AX55, RT-AX56U_V2, and RT-AC86U routers, potentially allowing threat actors to hijack devices if security updates are not ...
CRN

Red Hat Warns About Remote Code Execution Flaws Impacting Enterprise Linux

‘All versions of Red Hat Enterprise Linux (RHEL) are affected by [the vulnerabilities] but are not vulnerable in their default configurations,’ the IBM-owned company said. Red Hat warned Thursday that ...