CVE-2024-32002 turns git clone –recursive into RCE on case-insensitive filesystems. A crafted submodule + symlink can plant a Git hook in .git and execute code before review.
NGINX Rift: The 18-Year-Old Rewrite Bug That Turned a Single HTTP Request into Potential RCE
NGINX Rift is a heap overflow in the rewrite module that may crash workers or enable RCE under specific configs. Public PoC exists, so patching and config audits are urgent.
From API Key to Server Takeover: How LiteLLM 1.83.14 Chained Secret Leakage and Jinja2 SSTI into RCE
A LiteLLM 1.83.14 exploit chain leaks the master key through callback metadata, then abuses non-sandboxed Jinja2 GitLab prompts to achieve server-side RCE.
One Newline to Own Exim: How a Tiny TLS/BDAT Use-After-Free Became Unauthenticated RCE
A deep dive into CVE-2026-45185: an unauthenticated Exim RCE where one stale TLS/BDAT ungetc() byte corrupts freed memory and leads to exploitation.
Fail Open, Game Over: Turning a One-LineTomcat Fix into Unauthenticated RCE
A flaw in Apache Tomcat Tribes clustering allows attackers to send crafted cluster messages that bypass authentication and trigger unsafe deserialization, leading to unauthenticated remote code execution on exposed servers.
Now You See mi: Hacking the Xiaomi C400 Camera
Researchers exploited weaknesses in Xiaomi’s miIO protocol to bypass authentication, predict cryptographic values, and trigger memory corruption, ultimately achieving remote code execution and a cloud-independent jailbreak on a Xiaomi C400 camera.
MAD Bugs: Claude Wrote a Full FreeBSD Remote Kernel RCE with Root Shell (CVE-2026-4747)
AI Security ResearchExploit DevelopmentexploitationFreeBSDkernel-modeLLM Exploit DevelopmentRCEROPStack Overflow
Researchers showed that the Claude AI model could generate a working exploit for a FreeBSD kernel vulnerability (CVE-2026-4747), producing a remote root shell by building a stack overflow and ROP chain with minimal human guidance.
A 32-Year-Old Bug Walks Into A Telnet Server (GNU inetutils Telnetd CVE-2026-32746 Pre-Auth RCE)
The article analyzes CVE-2026-32746, a decades-old vulnerability in GNU Inetutils telnetd where a malformed LINEMODE SLC option triggers an out-of-bounds write, enabling unauthenticated remote exploitation.
Exploiting a PHP Object Injection in Profile Builder Pro in the era of AI
The article explains how researchers exploited an unauthenticated PHP Object Injection in the WordPress plugin Profile Builder Pro, showing how AI tools can accelerate vulnerability discovery and exploit development in modern web applications.
Living off the Process
The article “Living off the Process” details a technique to inject and execute shellcode into a remote Windows process by reusing existing RWX memory, ROP gadgets, and threads within that process, avoiding conventional memory allocation and lowering detection footprint.