The Hacker News

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively ...
Que.com on MSN

Docker patches critical 'Ask Gordon AI' flaw enabling code execution

Docker has released security fixes for a critical vulnerability affecting its AI-assisted feature known as Ask Gordon. The ...

Chrome Vulnerabilities Allow Code Execution, Browser Crashes

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.

arbitrary code execution

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.
SecurityWeek

N8n Vulnerabilities Could Lead to Remote Code Execution

Two vulnerabilities in n8n’s sandbox mechanism could be exploited for remote code execution (RCE) on the host system.
The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.

BeyondTrust warns of critical RCE flaw in remote support software

BeyondTrust warned customers to patch a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) ...
Threat Post

Firefox, Chrome Bugs Allow Arbitrary Code-Execution

Multiple critical memory safety bugs in Firefox 69 and Firefox ESR 68.1 in particular affect medium and large government entities and enterprises. Critical vulnerabilities have been discovered in the ...