The Hacker News

CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability

CISA added FileZen CVE-2026-25108 (CVSS 8.7) to its KEV catalog after active exploitation, affecting versions 4.2.1–4.2.8 and ...
SecurityWeek

Zyxel Patches Critical Vulnerability in Many Device Models

Zyxel has patched a critical-severity OS command execution vulnerability that is remotely exploitable via crafted UPnP requests.
CSO Online

VMware fixes command injection flaw in Aria Operations

Two other flaws were patched by the virtualization vendor, impacting Cloud Foundation, Telco Cloud Platform, and Telco Cloud Infrastructure as well.
Bleeping Computer

Latest Command Injection news

Zyxel has released security updates to address a critical vulnerability impacting multiple models of its business routers, potentially allowing unauthenticated attackers to perform OS command ...
HHS

Four-Faith Routers Exploited Using New Flaw

The vulnerability, tracked as CVE-2024-12856, affects F3x24 and F3x36 router models. It allows remote command execution through the router's default credentials, potentially compromising thousands of ...
Ars Technica

Zyxel warns of vulnerabilities in a wide range of its products

Networking hardware-maker Zyxel is warning of nearly a dozen vulnerabilities in a wide array of its products. If left unpatched, some of them could enable the complete takeover of the devices, which ...
Bleeping Computer

Latest Command Injection news

Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security Information and Event Management (SIEM) solution that could be leveraged by a ...