The Hacker News

MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks

MetInfo CMS flaw CVE-2026-29014 exploited after April 7 patch, enabling remote code execution and targeting 2,000 instances.
Hosted on MSN

Microsoft patches GitHub flaw within hours, no exploits found

Microsoft patched a high-severity GitHub vulnerability, CVE-2026-3854, within about two hours of disclosure, preventing any ...
Hosted on MSN

SharePoint zero-day exploit heightens governance urgency

A critical SharePoint zero-day vulnerability, CVE-2026-32201, is being actively exploited, allowing remote code execution with no privileges or user interaction. Over 1,300 servers remain exposed, ...
SecurityWeek

Critical Remote Code Execution Vulnerability Patched in Android

Google announced on Monday the release of an Android update patching a critical vulnerability that can be exploited for ...
InfoWorld

AI finds 20-year-old bugs in PostgreSQL and MariaDB

Critical flaws affecting core components and extensions in PostgreSQL and MariaDB could allow remote code execution. The bugs ...
Bleeping Computer

Exploit code released for critical Ivanti RCE flaw, patch now

A proof-of-concept (PoC) exploit for CVE-2024-29847, a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, is now publicly released, making it crucial to update devices. The ...