Skip to content
The Nexus
DossierENTITY

arbitrary code execution

Coverage of arbitrary code execution in the Nexus archive.

Earliest in view: Apr 21 · 10:52 UTCMost recent: Jul 11 · 06:45 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJul 11 · 06:45 UTCTHE HACKER NEWS
    Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions

    Zimbra is urging customers to apply updates to address a critical security vulnerability in the Classic Web Client that could allow arbitrary code execution via stored cross-site scripting (XSS). The flaw could enable malicious scripts to run in user sessions through specially crafted emails and has not yet been assigned a CVE identifier.

  • SECURITYMay 28 · 17:24 UTCTHE HACKER NEWS
    Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code

    A critical remote code execution (RCE) vulnerability has been disclosed in Gogs, an open-source self-hosted Git service, allowing authenticated users to execute arbitrary code. The flaw is rated 9.4 on the CVSS scoring system and currently lacks a CVE identifier.

  • SECURITYApr 30 · 07:07 UTCTHE HACKER NEWS
    Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution

    Google has patched a critical security vulnerability (CVSS 10) in the Gemini CLI npm package and GitHub Actions workflow, which could have enabled unprivileged attackers to execute arbitrary code on host systems by injecting malicious configuration content.

  • SECURITYApr 21 · 10:52 UTCDARK READING
    Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool

    Google addressed a critical remote code execution (RCE) vulnerability in its AI-based Antigravity Tool. The flaw, a prompt injection vulnerability in an agentic AI product for filesystem operations, stemmed from a sanitization issue enabling sandbox escape and arbitrary code execution.