The Hacker News

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

CVE-2026-5752 CVSS 9.3 flaw in Terrarium enables root code execution via Pyodide prototype traversal, risking container ...
The Hacker News

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...
SDxCentral

VU#148244: PandasAI interactive prompt function can be exploited to run arbitrary Python code through prompt injection, which can lead to remote code execution (RCE)

PandasAI, an open source project by SinaptikAI, has been found vulnerable to Prompt Injection attacks. An attacker with access to the chat prompt can craft malicious input that is interpreted as code, ...
TechRepublic

arbitrary code execution

Apple urges users to update after patching CVE-2026-20700, a zero-day flaw exploited in sophisticated targeted attacks across multiple devices. Google released a Chrome security update fixing two high ...
Ars Technica

Topic: arbitrary code

Ars Technica has been separating the signal from the noise for over 25 years. With our unique combination of technical savvy and wide-ranging interest in the technological arts and sciences, Ars is ...