A design choice in the MCP SDKs allows remote code execution across the AI supply chain.

CVE-2026-5752 CVSS 9.3 flaw in Terrarium enables root code execution via Pyodide prototype traversal, risking container ...

Antigravity Strict Mode bypass disclosed Jan 7, 2026, patched Feb 28, enables arbitrary code execution via fd -X flag.

Over 77,000 Internet-exposed IP addresses are vulnerable to the critical React2Shell remote code execution flaw (CVE-2025-55182), with researchers now confirming that attackers have already ...

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...

Enterprises relying on Gladinet’s file-sharing services are faced with another round of zero-day patching, this time to block attackers from abusing cryptographic keys directly baked into its ...

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...

Command injection in Codex and a hidden outbound channel in ChatGPT exposed risks of credential theft and covert data exfiltration. OpenAI has fixed two flaws in its AI stack that could allow AI ...

What if the tools you rely on for coding, app development, or problem-solving could not only keep up with your creativity but actively enhance it? With the release of Claude 4, Anthropic’s latest ...