Skip to main content
← All Articles

Tag

#RCE

190 articles

Advertisement

Dify AI Platform Vulnerabilities: How to Mitigate DifyTap Exploit
HIGH
Vulnerabilities

Dify AI Platform Vulnerabilities: How to Mitigate DifyTap Exploit

Researchers discover DifyTap vulnerabilities in the Dify AI platform, allowing attackers to exfiltrate chat histories and secrets through SSRF and RCE.

Runtime Rebel Intel
3 min read·Jun 23, 2026
VU
HIGH
Vulnerabilities

Microsoft AutoGen Studio RCE via AutoJack Flaw — Patch Now

Microsoft patched the AutoJack vulnerability chain in AutoGen Studio, enabling remote code execution through malicious AI agent manipulation.

Runtime Rebel Intel
4 min read·Jun 22, 2026
VU
CRITICAL
Vulnerabilities

CVE-2024-0012: Critical PAN-OS Management Interface RCE Analysis

Technical analysis of CVE-2024-0012 affecting Palo Alto Networks PAN-OS. Learn how to detect CVE-2024-0012 exploit and implement immediate mitigation steps.

Runtime Rebel Intel
3 min read·Jun 22, 2026
AutoJack: AI Browsing Agents Hijacked for Host RCE via Web Pages
CRITICAL
Vulnerabilities

AutoJack: AI Browsing Agents Hijacked for Host RCE via Web Pages

Microsoft researchers reveal AutoJack, a novel exploit chain where malicious web pages hijack AI browsing agents to achieve remote code execution on host systems.

Runtime Rebel Intel
4 min read·Jun 19, 2026
CVE-2026-42530 & -42531: NGINX RCE via Use-After-Free
CRITICAL
Vulnerabilities

CVE-2026-42530 & -42531: NGINX RCE via Use-After-Free

F5 addresses critical RCE flaws [CVE-2026-42530, CVE-2026-42531] in NGINX Open Source. Unauthenticated attackers can exploit use-after-free issues. Patch now.

Runtime Rebel Intel
4 min read·Jun 18, 2026
VU
HIGH
Vulnerabilities

Rockwell RSLinx <4.50.00 RCE via CVE-2020-13573 — Patch Now

Urgent advisory for Rockwell RSLinx Classic users. CVE-2020-13573, a stack-based buffer overflow, enables remote code execution and DoS. Patch <=4.50.00.

Runtime Rebel Intel
4 min read·Jun 18, 2026
VU
CRITICAL
Vulnerabilities

FortiSandbox RCE via CVE-2024-23108 and CVE-2024-23109 — Patch Now

Unauthenticated attackers are exploiting critical command injection flaws in Fortinet FortiSandbox to achieve RCE. Apply security updates immediately.

Runtime Rebel Intel
3 min read·Jun 16, 2026
VU
CRITICAL
Vulnerabilities

FortiSIEM RCE via CVE-2024-23108: Technical Mitigation Guide

Analysis of critical RCE vulnerabilities CVE-2024-23108 and CVE-2024-23109 in Fortinet FortiSIEM, including detection methods and remediation steps.

Runtime Rebel Intel
3 min read·Jun 15, 2026
CVE-2026-20253: Unauthenticated RCE in Splunk Enterprise <10.2.4
CRITICAL
Vulnerabilities

CVE-2026-20253: Unauthenticated RCE in Splunk Enterprise <10.2.4

Critical flaw CVE-2026-20253 in Splunk Enterprise allows unauthenticated RCE by creating/truncating files. Patch versions <10.2.4 and <10.0.7 immediately.

Runtime Rebel Intel
4 min read·Jun 13, 2026
TH
CRITICAL
Threat Intel

CVE-2026-35273: Oracle PeopleSoft RCE Exploited as Zero-Day by ShinyHunters

Mandiant and GTIG identified ShinyHunters (UNC6240) exploiting CVE-2026-35273, a critical RCE in Oracle PeopleSoft, targeting higher education.

Runtime Rebel Intel
6 min read·Jun 12, 2026
VU
CRITICAL
Vulnerabilities

Ivanti Connect Secure RCE via CVE-2024-21887 — Mitigation Guide

Analysis of persistent scanning for Ivanti Connect Secure vulnerabilities CVE-2023-46805 and CVE-2024-21887 used by attackers for RCE and network access.

Runtime Rebel Intel
3 min read·Jun 11, 2026
VU
HIGH
Vulnerabilities

CVE-2024-5027: Langflow Path Traversal Exploited in Attacks

Security researchers observe active exploitation of CVE-2024-5027, a high-severity path traversal flaw in the Langflow AI platform allowing arbitrary file writes.

Runtime Rebel Intel
3 min read·Jun 11, 2026