CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

A single rewrite rule, the kind pasted into NGINX configurations thousands of times a day, can hand an unauthenticated ...

The security defect can be exploited remotely, without authentication, to execute arbitrary code and leak sensitive ...

Adobe has released patches for 52 vulnerabilities across 10 products, including flaws leading to arbitrary code execution.

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

Apple released patches for a cluster of security flaws internally grouped under the tag “Coruna,” and at least one of them ...

Fortinet has released security patches for two critical vulnerabilities in FortiSandbox and FortiAuthenticator that could ...

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

PandasAI, an open source project by SinaptikAI, has been found vulnerable to Prompt Injection attacks. An attacker with access to the chat prompt can craft malicious input that is interpreted as code, ...

Critical out-of-bounds read in Ollama before 0.17.1 leaks process memory including API keys from over 300000 servers via ...

An LLM-powered system found 4 security bugs, including a critical one in the web server’s URL rewrite module. Researchers have found a critical vulnerability in the widely used Nginx web server that ...

Remote code execution vulnerabilities pose especially critical threats to organizations, and VMware’s stronghold in data centers worldwide give patching these flaws particular urgency. VMware fixed ...