CSO Online

Critical GitHub RCE bug exposed millions of repositories

The now‑patched flaw allowed authenticated users to execute arbitrary code via crafted git push requests, affecting ...
CSO Online

Critical Cursor bug could turn routine Git into RCE

A flaw in Cursor’s AI agent lets malicious repositories trigger arbitrary code execution through routine Git operations, now ...
Bleeping Computer

R language flaw allows code execution via RDS/RDX files

A new vulnerability has been discovered in the R programming language that allows arbitrary code execution upon deserializing specially crafted RDS and RDX files. R is an open-source programming ...
The Hacker News

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...

GitHub patches critical 'git push' remote code execution bug

Microsoft-owned open source code hosting platform GitHub has acknowledged and patched a critical vulnerability that allowed ...
Dark Reading

What You Need to Know About Arbitrary Code Execution Vulnerabilities

They're serious. Notices about arbitrary code execution (ACE) vulnerabilities appear just about every week in alerts from US-CERT — the United States Computer Emergency Readiness Team, a part of the ...
Bleeping Computer

Latest Code Execution news

Adobe has released security updates to patch a zero-day vulnerability in Acrobat and Reader tagged as exploited in attacks. Notepad++ version 8.5.7 has been released with fixes for multiple buffer ...