SecurityWeek

Fortinet, Ivanti Patch Critical Vulnerabilities

Fortinet and Ivanti have released fixes for multiple vulnerabilities, including critical flaws leading to code execution.
The Hacker News

Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution

Gemini CLI CVSS 10.0 flaw in versions below 0.39.1 enabled RCE in CI workflows, forcing Google to mandate explicit workspace ...
The Hacker News

Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API

CVE-2026-22679 exploited via debug endpoint in Weaver E-cology before 20260312, enabling RCE and system compromise.

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
InfoWorld

Critical GitHub RCE bug exposed millions of repositories

The now‑patched flaw allowed authenticated users to execute arbitrary code via crafted git push requests, affecting GitHub.com and Enterprise Server.