SecurityWeek

Anthropic MCP Server Flaws Lead to Code Execution, Data Exposure

Vulnerabilities in Anthropic MCP server could be exploited via prompt injections to execute arbitrary code and read/delete ...

Anthropic’s official Git MCP server hit by chained flaws that enable file access and code execution

Anthropic’s official Git MCP server hit by chained flaws that enable file access and code execution - SiliconANGLE ...

This WebUI vulnerability allows remote code execution - here's how to stay safe

Open WebUI carried CVE-2025-64496, a high-severity code injection flaw in Direct Connection features Exploitation could enable account takeover and RCE via malicious model URLs and Functions API ...

This SmarterMail vulnerability allows remote code execution - here's what we know

Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to engage in remote code execution (RCE) attacks.
The Hacker News

CISA Warns of Active Exploitation of Gogs Vulnerability Enabling Code Execution

CISA warns that hackers are actively exploiting a high-severity flaw in Gogs that can lead to remote code execution; no patch ...
Bleeping Computer

Apache fixes critical OFBiz remote code execution vulnerability

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.
Bleeping Computer

WordPress security plugin WP Ghost vulnerable to remote code execution bug

Popular WordPress security plugin WP Ghost is vulnerable to a critical severity flaw that could allow unauthenticated attackers to remotely execute code and hijack servers. WP Ghost is a popular ...