This WebUI vulnerability allows remote code execution - here's how to stay safe

Open WebUI, an open-source, self-hosted web interface for interacting with local or remote AI language models, carried a high ...
Bleeping Computer

Apache fixes critical OFBiz remote code execution vulnerability

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js ...
CSOonline

Microsoft fixes dangerous zero-click Outlook remote code execution exploit

As part of its Patch Tuesday cycle, Microsoft has fixed a high-risk vulnerability in its Outlook desktop client that could be exploited by attackers to execute malicious code when opening a specially ...
CSOonline

HPE OneView vulnerable to remote code execution attack

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately. A maximum severity remote code execution vulnerability in Hewlett Packard ...
InfoWorld

React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...