Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote ...
ZDNet

Nvidia patches code execution vulnerability in GeForce Experience

Nvidia has released a patch to fix a serious security vulnerability in GeForce Experience which can be exploited to perform local code execution attacks. Revealed this week, the security flaw was ...
Bleeping Computer

Git patches two critical remote code execution security flaws

Git has patched two critical severity security vulnerabilities that could allow attackers to execute arbitrary code after successfully exploiting heap-based buffer overflow weaknesses. A third Windows ...
Ars Technica

Zero-day in ubiquitous Log4j tool poses a grave threat to the Internet

Exploit code has been released for a serious code-execution vulnerability in Log4j, an open source logging utility that’s used in countless apps, including those used by large enterprise organizations ...
ZDNet

Discord desktop app vulnerability chain triggered remote code execution attacks

Discord has patched a critical issue in the desktop version of the messaging app which left users vulnerable to remote code execution (RCE) attacks. Bug bounty hunter Masato Kinugawa developed an ...
Dark Reading

What You Need to Know About Arbitrary Code Execution Vulnerabilities

They're serious. Notices about arbitrary code execution (ACE) vulnerabilities appear just about every week in alerts from US-CERT — the United States Computer Emergency Readiness Team, a part of the ...