The Hacker News

Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions

Microsoft released fixes for SharePoint remote code execution vulnerability CVE-2026-45659 with a CVSS score of 8.8.

New critical Exim mailer flaw allows remote code execution

A critical vulnerability affecting certain configurations of the Exim open-source mail transfer agent could be exploited by ...

18-year-old NGINX vulnerability allows DoS, potential RCE

An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for ...
SecurityWeek

Unpatched ChromaDB Vulnerability Can Lead to Server Takeover

An unpatched vulnerability in ChromaDB could be exploited without authentication for remote code execution and server ...
The Hacker News

18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE

NGINX Rift CVE-2026-42945 scores 9.2 after 18 years, enabling unauthenticated RCE or DoS via crafted HTTP requests.

Google Update: Android Flaw Could Put Billions of Devices at Risk

Google patched an Android zero-click RCE flaw affecting multiple versions. Here’s what IT teams should know and how to reduce mobile risk.
TechRepublic

Patch SharePoint Now: Microsoft Servers at Risk of New ToolShell RCE Attack

If exploited, attackers can gain full access to SharePoint content and potentially pivot to Outlook, Teams, and OneDrive. Learn how to protect your SharePoint server from compromise. A critical remote ...