SecurityWeek

Unpatched ChromaDB Vulnerability Can Lead to Server Takeover

An unpatched vulnerability in ChromaDB could be exploited without authentication for remote code execution and server ...

Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator

Fortinet has released security patches for two critical vulnerabilities in FortiSandbox and FortiAuthenticator that could ...
The Hacker News

18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE

NGINX Rift CVE-2026-42945 scores 9.2 after 18 years, enabling unauthenticated RCE or DoS via crafted HTTP requests.
The Hacker News

Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution

"A buffer overflow vulnerability in the User-ID Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code ...

Microsoft’s Patch Tuesday Update Targets 120 Security Flaws

Microsoft’s May Patch Tuesday fixes 120 flaws, including 31 remote code execution bugs, with no zero-days reported at release ...