remote code execution | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited by an unauthenticated remote attacker to execute arbitrary code with elevated privileges. The vulnerability, tracked as CVE-2026-32746 , carries a CVSS score of 9.8 out of 10.0. It has been described as a case of out-of-bounds write in the LINEMODE Set Local Characters (SLC) suboption handler that results in a buffer overflow, ultimately paving the way for code execution. Israeli cybersecurity company Dream, which discovered and reported the flaw on March 11, 2026, said it affects all versions of the Telnet service implementation through 2.7. A fix for the vulnerability is expected to be available no later than April 1, 2026. "An unauthenticated remote attacker can exploit this by sending a specially crafted message during the initial connection handshake — before any login prompt appears," Dream said in an alert. "Successful...

Cybersecurity researchers have disclosed details of a new method for exfiltrating sensitive data from artificial intelligence (AI) code execution environments using domain name system (DNS) queries. In a report published Monday, BeyondTrust revealed that Amazon Bedrock AgentCore Code Interpreter's sandbox mode permits outbound DNS queries that an attacker can exploit to enable interactive shells and bypass network isolation. The issue, which does not have a CVE identifier, carries a CVSS score of 7.5 out of 10.0. Amazon Bedrock AgentCore Code Interpreter is a fully managed service that enables AI agents to securely execute code in isolated sandbox environments , such that agentic workloads cannot access external systems. It was launched by Amazon in August 2025. The fact that the service allows DNS queries despite "no network access" configuration can allow "threat actors to establish command-and-control channels and data exfiltration over DNS in certain scenar...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Wing FTP to its Known Exploited Vulnerabilities ( KEV ) catalog, citing evidence of active exploitation. The vulnerability, CVE-2025-47813 (CVSS score: 4.3), is an information disclosure vulnerability that leaks the installation path of the application under certain conditions. "Wing FTP Server contains a generation of error messages containing sensitive information vulnerability when using a long value in the UID cookie," CISA said. The shortcoming affects all versions of the software prior to and including version 7.4.3. The issue was addressed in version 7.4.4, shipped in May following a responsible disclosure by RCE Security researcher Julien Ahrens. It's worth noting that version 7.4.4 also patches CVE-2025-47812 (CVSS score: 10.0), another critical bug in the same product that allows for remote code execution. As of July 2025, the vuln...

Veeam has released security updates to address multiple critical vulnerabilities in its Backup & Replication software that, if successfully exploited, could result in remote code execution. The vulnerabilities are as follows - CVE-2026-21666 (CVSS score: 9.9) - A vulnerability that allows an authenticated domain user to perform remote code execution on the Backup Server. CVE-2026-21667 (CVSS score: 9.9) - A vulnerability that allows an authenticated domain user to perform remote code execution on the Backup Server. CVE-2026-21668 (CVSS score: 8.8) - A vulnerability that allows an authenticated domain user to bypass restrictions and manipulate arbitrary files on a Backup Repository. CVE-2026-21672 (CVSS score: 8.8) - A vulnerability that allows local privilege escalation on Windows-based Veeam Backup & Replication servers. CVE-2026-21708 (CVSS score: 9.9) - A vulnerability that allows a Backup Viewer to perform remote code execution as the postgres user. The sho...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting n8n to its Known Exploited Vulnerabilities ( KEV ) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2025-68613 (CVSS score: 9.9), concerns a case of expression injection that leads to remote code execution. The security shortcoming was patched by n8n in December 2025 in versions 1.120.4, 1.121.1, and 1.122.0. CVE-2025-68613 is the first n8n vulnerability to be placed in the KEV catalog. "N8n contains an improper control of dynamically managed code resources vulnerability in its workflow expression evaluation system that allows for remote code execution," CISA said. According to the maintainers of the workflow automation platform, the vulnerability could be weaponized by an authenticated attacker to execute arbitrary code with the privileges of the n8n process. Successful exploitation of the flaw could result in a c...