A design choice in the MCP SDKs allows remote code execution across the AI supply chain.

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...

Splunk has released patches that resolve high- and medium-severity vulnerabilities in Splunk Enterprise and MCP Server.

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...

The prompt-injection issue in the agentic AI product for filesystem operations was a sanitization issue that allowed for ...

A prompt injection flaw in Google’s Antigravity IDE turns a file search tool into a remote code execution vector, bypassing ...

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

When 500,000 Findings Hide 14 Real Threats Modern enterprises ingest vulnerability data from dozens of sources: endpoint ...

The security defects could be exploited for remote code execution, OS command injection, and WAF detection bypass.

From uncovering decades-old vulnerabilities to autonomously building exploits, Anthropic's Mythos AI frontier model is ...