RCE

A severe remote code execution vulnerability in Imunify360 AV has been patched, affecting a security tool that protects around 56 million Linux-hosted websites. Discovered in the product's deobfuscation logic, the flaw allows attackers to execute arbitrary commands and potentially seize control of hosting servers. CloudLinux released a fix on October 21, 2025, though no formal CVE or advisory followed.