Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
SecurityWeek

Cisco Patches High-Severity Vulnerabilities in Enterprise Products

Cisco has released patches for several high-severity vulnerabilities that could lead to code execution, SSRF attacks, and DoS ...

Delhi HC: Mere claims of error do not make a decree invalid

Opposing the plea, advocate Jindal argued that an executing court cannot go behind a decree and said the order had attained ...
The Hacker News

Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE

The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP ...

Update Android Now—Google Confirms Critical Zero-Click Vulnerability

Google has confirmed that a critical Android vulnerability, CVE-2026-0073, could enable remote code execution without any ...
CSO Online

Critical Cursor bug could turn routine Git into RCE

A flaw in Cursor’s AI agent lets malicious repositories trigger arbitrary code execution through routine Git operations, now ...

200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's ...
Microsoft

CVE-2026-31431: Copy Fail vulnerability enables Linux root privilege escalation across cloud environments

A high-severity Linux vulnerability, “Copy Fail” (CVE-2026-31431), enables root privilege escalation across cloud ...

Critical vulnerability in Ruby's standard library ERB:attackers can execute code

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install backdoors.

Virginia Supreme Court strikes down gerrymandered redistricting plan

After nearly two weeks, the Viriginia Supreme Court ...