Redis RCE Flaw CVE-2026-23479: 2-Year Bug Patched

🟠 High | Source: The Hacker News

A critical remote code execution vulnerability (CVE-2026-23479) in Redis, introduced in version 7.2.0 over two years ago, has been patched following discovery by an autonomous AI-powered bug-hunting tool. The flaw is a use-after-free bug in Redis’s blocking-client handling code, allowing any authenticated user to execute arbitrary operating system commands on the host server. This is significant because Redis is widely deployed across cloud environments as a caching and data store layer, meaning exposure could lead to full host compromise. ...

3 June 2026 · ZX Cloud Security

Redis RCE Flaw CVE-2026-23479: Patch Now

🟠 High | Source: The Hacker News

A use-after-free vulnerability in Redis (CVE-2026-23479) allows an authenticated user to execute arbitrary operating system commands on the host machine. Present in every stable Redis branch since version 7.2.0, the flaw went undetected for over two years before being discovered by an autonomous AI-powered code analysis tool. Because Redis is widely deployed as a caching and session layer in cloud environments, successful exploitation could lead to full host compromise. ...

3 June 2026 · ZX Cloud Security

CVE-2026-45247: Magento RCE Flaw Added to CISA KEV

🔴 Critical | Source: The Hacker News

CISA has added CVE-2026-45247, a critical remote code execution vulnerability in the Mirasvit Cache Warmer Magento extension, to its Known Exploited Vulnerabilities catalogue following confirmed active exploitation. The flaw, scoring 9.8 on the CVSS scale, stems from insecure deserialisation of untrusted data, allowing an attacker to execute arbitrary code on affected systems. Any organisation running this extension on their Magento e-commerce platform should treat this as an urgent remediation priority. ...

3 June 2026 · ZX Cloud Security

CVE-2026-45247: Mirasvit Cache Warmer RCE Flaw

🔴 Critical | Source: CISA Known Exploited Vulnerabilities

A critical vulnerability in the Mirasvit Full Page Cache Warmer extension for Magento/Adobe Commerce allows unauthenticated attackers to execute arbitrary code on affected servers. The flaw stems from unsafe deserialisation of a crafted PHP object passed via the CacheWarmer cookie, requiring no login or prior access. This vulnerability is actively being exploited in the wild, confirmed by CISA’s inclusion in its Known Exploited Vulnerabilities catalogue. ...

3 June 2026 · ZX Cloud Security

Oracle WebLogic CVE-2024-21182 Actively Exploited

🟠 High | Source: The Hacker News

A high-severity vulnerability in Oracle WebLogic Server (CVE-2024-21182) has been added to CISA’s Known Exploited Vulnerabilities catalogue following confirmed active exploitation in the wild. The flaw allows an unauthenticated attacker with network access to take full control of affected servers without any credentials. Any organisation running Oracle WebLogic in cloud or on-premises environments should treat this as an urgent remediation priority.

Architect’s Take: Audit your cloud environments immediately for internet-exposed or network-accessible WebLogic instances and apply Oracle’s patch from the January 2024 Critical Patch Update without delay. As an interim control, restrict network access to WebLogic admin ports using security groups or firewall rules, and consider placing instances behind a WAF or application gateway. ...

2 June 2026 · ZX Cloud Security

CVE-2026-10591: Kiro IDE RCE via File Write Flaw

🟠 High | Source: AWS Security Bulletins

A vulnerability in AWS’s Kiro agentic IDE (versions prior to 0.11) allows remote unauthenticated attackers to write to execution-sensitive files such as .vscode/tasks.json, which can trigger automatic command execution when a folder is opened. The flaw stems from insufficient access control restrictions in the IDE’s file write tool. This is particularly concerning as it can be exploited via crafted instructions, potentially through AI agent interactions. ...

2 June 2026 · ZX Cloud Security