Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 releases.

SolarWinds has patched four critical-severity remote code execution vulnerabilities in the Serv-U enterprise file transfer product.

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.

Anthropic fixed the flaws - but the AI-enabled attack surfaces remain Security vulnerabilities in Claude Code could have allowed attackers to remotely execute code on users' machines and steal API ...

Apache has released a security update to address an important vulnerability in Tomcat web server that could lead to an attacker achieving remote code execution. Apache Tomcat is an open-source web ...

Broadcom has released patches for several vulnerabilities affecting VMware Aria Operations, including high-severity flaws.

Open WebUI carried CVE-2025-64496, a high-severity code injection flaw in Direct Connection features Exploitation could enable account takeover and RCE via malicious model URLs and Functions API ...

A zero-click vulnerability in Claude Desktop Extensions has exposed over 10,000 users to remote code execution through ...

Microsoft fixes a high-severity Notepad RCE flaw tied to Markdown files. Install the latest updates to protect your PC.

Microsoft fixes a critical Notepad vulnerability in Windows 11 that could allow remote code execution via malicious Markdown files. Here are the details ...