Microsoft-owned open source code hosting platform GitHub has acknowledged and patched a critical vulnerability that allowed ...
Tom's Hardware on MSN
Anthropic's model context protocol includes a critical remote code execution vulnerability
A design choice in the MCP SDKs allows remote code execution across the AI supply chain.
Open WebUI carried CVE-2025-64496, a high-severity code injection flaw in Direct Connection features Exploitation could enable account takeover and RCE via malicious model URLs and Functions API ...
CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...
Microsoft has released its August 2025 Patch package, a cumulative set of updates addressing more than 100 vulnerabilities across a host of its products. Microsoft’s SharePoint Server Remote Code ...
The prompt-injection issue in the agentic AI product for filesystem operations was a sanitization issue that allowed for ...
ShowDoc CVE-2025-0520 exploited due to unpatched versions before 2.8.7, enabling remote code execution on 2,000+ instances.
Splunk has released patches that resolve high- and medium-severity vulnerabilities in Splunk Enterprise and MCP Server.
Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...
How indirect prompt injection attacks on AI work - and 6 ways to shut them down ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results