RCE Articles

Metro4Shell: Critical React Native CLI Vulnerability Actively Exploited Against Developers

CVE-2025-11953 in React Native CLI's Metro Development Server is being exploited in the wild to deploy Rust-based malware on developer systems, with attacks observed since December 2025.

February 4, 2026 React Native vulnerability RCE

New n8n Vulnerability CVE-2026-25049 Bypasses Previous Patch to Enable Remote Code Execution

A critical flaw in n8n (CVSS 9.4) exploits TypeScript/JavaScript type mismatch to bypass sanitization from a December 2025 patch, enabling authenticated remote command execution via webhook workflows.

February 4, 2026 n8n vulnerability RCE

NationStates Browser Game Confirms Data Breach After RCE Exploit

NationStates shut down its site after a vulnerability reporter chained input sanitization flaws to achieve remote code execution, copying user emails, password hashes, and IP addresses.

February 2, 2026 data breach RCE gaming

Critical vLLM Vulnerability Lets Attackers Hijack AI Servers via Video Link

CVE-2026-22778, a critical RCE in vLLM versions 0.8.3-0.14.0, chains a PIL information leak with a JPEG2000 heap overflow to achieve code execution through a malicious video link.

February 2, 2026 vLLM AI security vulnerability

OpenClaw AI Agent Vulnerability Enables One-Click Remote Code Execution

CVE-2026-25253 (CVSS 8.8) allows attackers to steal authentication tokens and achieve RCE through a single malicious link via cross-site WebSocket hijacking—even on localhost-only OpenClaw instances.

February 2, 2026 OpenClaw AI security RCE

New n8n Sandbox Escape Vulnerabilities Allow Remote Code Execution

JFrog discovered two sandbox escape flaws in n8n: CVE-2026-1470 (CVSS 9.9) bypasses JavaScript sandboxing via deprecated 'with' statement, and CVE-2026-0863 (CVSS 8.5) escapes Python restrictions via AttributeError.obj.

February 2, 2026 n8n vulnerability RCE

Ivanti EPMM Zero-Days Chained for Unauthenticated RCE, Already Exploited in the Wild

Two chained Ivanti EPMM vulnerabilities (CVE-2026-1281 and CVE-2026-1340, both CVSS 9.8) allow unauthenticated RCE via Bash command injection. CISA gave federal agencies only 3 days to patch.

January 30, 2026 Ivanti zero-day vulnerability

SolarWinds Patches Critical RCE and Auth Bypass Flaws in Web Help Desk

Four critical vulnerabilities in SolarWinds Web Help Desk allow unauthenticated remote code execution and authentication bypass. CISA confirms active exploitation with February 6 federal deadline.

January 29, 2026 SolarWinds RCE vulnerability

Critical 'Cellbreak' Vulnerability in Grist Spreadsheet Platform Enables RCE

CVE-2026-24002 allows remote code execution through malicious spreadsheet formulas via Pyodide sandbox escape. Affects government, education, and enterprise deployments.

January 27, 2026 vulnerability RCE Grist

Cisco Patches Actively Exploited Zero-Day in Unified Communications and Webex

CVE-2026-20045, a CVSS 9.8 RCE flaw in Cisco Unified CM, is being actively exploited. No workaround exists—organizations must upgrade to 14SU5 or 15SU4 immediately.

January 22, 2026 Cisco zero-day CVE-2026-20045

Redis RCE Vulnerability Exploitable Despite Authentication — Upgrade to 8.3.2

CVE-2025-62507 is a stack buffer overflow in Redis 8.2's XACKDEL command. JFrog researchers demonstrated full remote code execution is achievable, contradicting the initial 'authentication required' assessment.

January 17, 2026 Redis vulnerability RCE

Critical n8n Workflow Automation Flaw Allows Remote Code Execution

CVE-2026-21858 'Ni8mare' (CVSS 10.0) enables unauthenticated attackers to read files, bypass authentication, and execute commands on n8n servers through a Content-Type confusion flaw.

January 7, 2026 vulnerability n8n RCE

Critical D-Link Router Vulnerability Actively Exploited for Remote Code Execution

CVE-2026-0625 enables unauthenticated remote code execution on legacy D-Link DSL, DIR, and DNS devices via command injection. Attacks observed since November 2025; no patch available for end-of-life devices.

January 6, 2026 D-Link vulnerability RCE