A newly disclosed FFmpeg flaw dubbed 'PixelSmash' could be exploited for remote code execution on Jellyfin servers under ...

F5 fixes CVE-2026-42530 and CVE-2026-42055 in NGINX Open Source, addressing HTTP/3 and HTTP/2 flaws that could allow remote ...

Splunk issued security updates for a critical CVSS 9.8 vulnerability in Splunk Enterprise that allows unauthenticated remote ...

PixelSmash is a vulnerability in the FFmpeg framework that can be exploited via crafted media files for remote code execution ...

Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.

Three minor vulnerabilities chained together can cause a lot of trouble but Microsoft fixed it on time.

Open a sketchy video file in VLC, stream it using Jellyfin or Kodi, or don’t even open it at all – simply storing it can get you compromised when the Linux file manager generates a thumbnail. A ...

A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI supply chain risks.

An out-of-bounds write vulnerability with a 9.2 severity score allows attackers to achieve remote code execution. A secondary high-severity flaw enables malicious SSH servers to cause client CPU ...

Ivanti has patched two critical vulnerabilities in its Sentry secure mobile gateway solution, including a maximum-severity flaw that enables remote attackers to execute code with root privileges.

GitHub has patched a high-severity remote code execution vulnerability that allowed anyone with push access to a private repository to run arbitrary commands on the platform’s own servers. The flaw, ...