rce

CVE-2026-23918: Apache HTTP/2 Double-Free Vulnerability with Possible RCE

CVE-2026-23918: Apache HTTP/2 Double-Free Vulnerability with Possible RCE

| | Apache HTTP Server, CVE-2026-23918, rce, security bulletin
CVE-2026-23918 is a high-severity Apache HTTP/2 double-free flaw affecting version 2.4.66. Learn the root cause, who's at risk, and how to patch or mitigate it. The post CVE-2026-23918: Apache HTTP/2 Double-Free Vulnerability ...
Indusface
CVE-2026-20963: SharePoint Deserialization RCE Vulnerability

CVE-2026-20963: SharePoint Deserialization Remote Code Execution Vulnerability

| | AppTrana WAAP, CVE-2026-20963, rce, security bulletin, sharepoint
Microsoft SharePoint, a core platform for enterprise collaboration, is facing active exploitation through a newly confirmed vulnerability, tracked as CVE-2026-20963. Rooted in unsafe deserialization of user-controlled data, this vulnerability allows remote. The post ...
Indusface

Microsoft’s December Security Update of High-Risk Vulnerability Notice for Multiple Products

| | Blog, Emergency Response, GitHub, Microsoft, Microsoft Office, Microsoft security, Microsoft SQL Server, Microsoft vulnerabilities, powershell, rce, Windows, Windows vulnerability
Overview On December 10, NSFOCUS CERT detected that Microsoft released the December Security Update patch, which fixed 57 security issues involving widely used products such as Windows, Microsoft Office, Microsoft Exchange Server, ...
NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.
React/Next.js Remote Code Execution Vulnerability (CVE-2025-55182/CVE-2025-66478) Notice and Handling Manual

React/Next.js Remote Code Execution Vulnerability (CVE-2025-55182/CVE-2025-66478) Notice and Handling Manual

| | Blog, CVE-2025-55182, CVE-2025-66478, Emergency Response, rce, react
Overview Recently, NSFOCUS CERT has detected that React and Next.js have issued security bulletins to fix the remote code execution vulnerability of React/Next.js (CVE-2025-55182/CVE-2025-66478); Because React Server Components are insecurely deserialized when ...
NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.
Cursor Remote Code Execution Vulnerability (CVE-2025-62354) Notice

Cursor Remote Code Execution Vulnerability (CVE-2025-62354) Notice

| | Blog, Cursor, CVE-2025-62354, Emergency Response, rce
Overview Recently, NSFOCUS CERT detected that HiddenLayer released a vulnerability report disclosing the Cursor remote code execution vulnerability (CVE-2025-62354). Because Cursor’s check function for terminal commands in autorun mode has a logical ...
NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.

Microsoft’s November Security Update of High-Risk Vulnerability Notice for Multiple Products

| | azure, Blog, Emergency Response, Microsoft, Microsoft Office, Microsoft security, Microsoft SQL Server, Microsoft vulnerabilities, rce, Windows, Windows vulnerability
Overview On November 12, NSFOCUS CERT detected that Microsoft released the November Security Update patch, which fixed 63 security issues involving widely used products such as Windows, Microsoft Office, Microsoft SQL Server, ...
NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.

Windows Server Update Service (WSUS) Remote Code Execution Vulnerability (CVE-2025-59287) Notice

| | Blog, CVE-2025-59287, Emergency Response, rce, Windows Server Update Service, Windows vulnerability, wsus
Overview Recently, NSFOCUS CERT detected that Microsoft released a security update that fixed the Windows Server Update Service (WSUS) remote code execution vulnerability (CVE-2025-59287); Because WSUS’s GetCookie does not perform type verification ...
NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.

Oracle E-Business Suite Remote Code Execution Vulnerability (CVE-2025-61882) Notice

| | Blog, CVE-2025-61882, Emergency Response, Oracle, Oracle Vulnerability, rce
Overview Recently, NSFOCUS CERT detected that Oracle issued a security bulletin to fix the remote code execution vulnerability (CVE-2025-61882) in Oracle E-Business Suite; Because Oracle Concurrent Processing (BI Publisher Integration) of Oracle ...
NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.
A spooky Jack-o’-lantern

#RediShell: Redis/Valkey Get ‘Perfect 10’ Critical RCE Vuln

| | CVE-2025-49844, CVSS10, Lua, open source, open source applications, open source code, open source components, Open-Source Databases, open-source-software, rce, RCE (Remote Code Execution), redis, Redis servers vulnerability, Redis vulnerabilities, RediShell, Remote Code Execution, Remote Code Execution (RCE), remote code execution attack, Remote Code Execution Exploit, remote code execution flaw, Remote Code Execution Vulnerabilities, remote code execution vulnerability, SB Blogwatch, Valkey
Redis hell: CVSS 10.0 vulnerability in ubiquitous cloud storage layer. PATCH NOW ...
Security Boulevard

Microsoft’s September Security Update High-Risk Vulnerability Notice for Multiple Products

| | Blog, Emergency Response, rce, Windows, Windows vulnerability
Overview On September 10, NSFOCUS CERT detected that Microsoft released the September Security Update patch, fixing 86 security issues involving widely used products such as Windows, Microsoft Office, Azure, and Microsoft SQL ...
NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.
Load more