Proof-of-concept exploit code will be released later this week for a critical vulnerability allowing remote code execution (RCE) without authentication in several Zoho ManageEngine products. Tracked ...

Proof-of-concept exploit code is now available for a remote code execution (RCE) vulnerability in multiple Zoho ManageEngine products. This pre-authentication RCE flaw is tracked as CVE-2022-47966 and ...

Fortinet has finally patched a critical security vulnerability in its Wireless LAN Manager (FortiWLM) that could allow unauthenticated sensitive information disclosure. And, when chained with another ...

A critical sandbox escape vulnerability in Grist-Core has been disclosed that allows remote code execution (RCE) through a single malicious spreadsheet formula. The issue was uncovered by Cyera ...

A critical vulnerability has been reported in WPML — a multilingual WordPress plugin with more than a million installations globally — that allows remote code execution on affected WordPress sites.

SmarterMail patched CVE-2025-52691, a maximum-severity RCE flaw allowing unauthenticated arbitrary file uploads Exploitation could let attackers deploy web shells or malware, steal data, and pivot ...