Advertisement
FortiSandbox RCE via CVE-2024-23108 and CVE-2024-23109 — Patch Now
Unauthenticated attackers are exploiting critical command injection flaws in Fortinet FortiSandbox to achieve RCE. Apply security updates immediately.

FortiSandbox Command Injection (CVE-2026-25089) & Critical Vendor Patches
Critical patches from Fortinet, Ivanti, and SAP address vulnerabilities including CVE-2026-25089 (FortiSandbox command injection), enabling RCE and info disclosure.
CISA Adds CVE-2026-42271 and CVE-2026-50751 to KEV Catalog
CISA warns of active exploitation involving BerriAI LiteLLM and Check Point Security Gateways. Learn how to mitigate these critical security flaws.

CVE-2026-42271: BerriAI LiteLLM RCE Exploited in the Wild
CISA warns of active exploitation of CVE-2026-42271 in BerriAI LiteLLM. This command injection flaw allows attackers to achieve RCE and compromise AI proxies.

OT Robot OS Command Injection: Unauthenticated RCE — Patch Now
Critical command injection vulnerability in OT Robot OS allows unauthenticated attackers to gain remote control, posing significant disruption risks to industrial

CVE-2026-3854: GitHub RCE via Malicious Git Push Command
A critical command injection vulnerability, CVE-2026-3854, allows authenticated users to achieve RCE on GitHub instances via a single git push operation.
CVE-2025-29635: Mirai Exploits EoL D-Link Routers
A new Mirai campaign actively exploits CVE-2025-29635, a command-injection RCE in EoL D-Link DIR-823X routers, to expand its IoT botnet for DDoS attacks. Urgent
TP-Link Archer AX21 RCE via CVE-2023-1389 — Mitigation Guide
Hackers continue targeting discontinued TP-Link Archer AX21 routers with CVE-2023-1389, though many exploitation attempts currently fail to execute payloads.
Ivanti CSA 4.6 Exploited via CVE-2024-9380: Migration Required
Attackers are actively exploiting Ivanti CSA 4.6 via CVE-2024-9379 and CVE-2024-9380. Learn how to detect these command injection exploits and migrate to version 5.0.

Cisco SD-WAN vManage RCE: Fake PoCs & CVE-2023-20252 Exploitation
Threat intelligence reveals fake PoCs for Cisco SD-WAN vManage CVE-2023-20252. Understand actual RCE risks and critical patching for affected systems.

VMware Aria Operations Command Injection Exploitation: Cloud Risk
A critical command injection vulnerability in VMware Aria Operations is actively exploited, granting attackers broad access to cloud environments. Immediate patching is
CISA Alert: CVE-2026-25108 Soliton FileZen OS Command Injection Exploited
CISA adds CVE-2026-25108, a Soliton Systems FileZen OS Command Injection vulnerability, to KEV Catalog due to active exploitation. Immediate remediation advised.