Vulnerability

A critical remote code execution vulnerability has been discovered in multiple BeyondTrust products. The flaw, rated 9.9 out of 10 in severity, allows hackers to run code on affected systems without needing to log in. The issue was reported on February 10, 2026.

2026년 01월 21일 AI에 의해 보고됨

NVIDIA has released an urgent security update to address a high-severity vulnerability in its NSIGHT Graphics tool for Linux systems. The flaw, identified as CVE-2025-33206, could enable attackers to execute arbitrary code if exploited. Affected users are urged to upgrade immediately to mitigate risks.

Google has addressed a critical zero-day vulnerability in Chrome's V8 engine that was being actively exploited. The flaw allowed arbitrary code execution, posing significant risks to users. The company provides guidance on staying safe.

2025년 11월 14일 AI에 의해 보고됨

A severe remote code execution vulnerability in Imunify360 AV has been patched, affecting a security tool that protects around 56 million Linux-hosted websites. Discovered in the product's deobfuscation logic, the flaw allows attackers to execute arbitrary commands and potentially seize control of hosting servers. CloudLinux released a fix on October 21, 2025, though no formal CVE or advisory followed.

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a high-severity vulnerability in Windows SMB that is now being exploited in attacks. Windows users are urged to update their systems immediately to mitigate the risk. The alert emphasizes the need for prompt action against this security threat.

2025년 10월 20일 AI에 의해 보고됨

A proof-of-concept exploit has been released for CVE-2025-8941, a high-severity flaw in Linux-PAM's pam_namespace module. The vulnerability allows local attackers with low privileges to gain root access through race conditions and symlink manipulation. Security experts urge immediate patching to prevent system compromise.