MITRE ATT&CK — FreeIntelHub

T1190 — Exploit Public-Facing Application (Initial Access)

205 articles found

SC Media Vulnerability Disclosure Apr 1

AI discovers RCE vulnerabilities in Vim and Emacs text editors

Vulnerabilities in the widely used Vim and GNU Emacs text editors, discovered with the assistance of the Claude AI, allow for remote code execution simply by...

T1190

SC Media →

HackRead Zero-Day Amazon Linux WordPress Apr 1

ImageMagick Zero-Day Enables RCE on Linux and WordPress Servers

New research from Octagon Networks reveals a critical zero-day ImageMagick vulnerability that allows Remote Code Execution (RCE) via simple image uploads aff...

T1190

HackRead →

GBHackers CVE Oracle Apr 1

Hackers Actively Exploit Critical WebLogic RCE Vulnerabilities in Ongoing Attacks

A maximum-severity vulnerability in Oracle WebLogic Server is facing rapid exploitation in the wild. Tracked as CVE-2026-21962, this unauthenticated Remote C...

T1190 1 IOC

GBHackers →

BleepingComputer Vulnerability Disclosure Mar 31

Claude AI finds Vim, Emacs RCE bugs that trigger on file open

Vulnerabilities in the Vim and GNU Emacs text editors, discovered using simple prompts with the Claude assistant, allow remote code execution simply by openi...

T1190

BleepingComputer →

SC Media Vulnerability Disclosure Google Linux Mar 31

New critical Telegram zero-click issue threatens total device compromise

Cybernews reports that Telegram for Android and Telegram Desktop for Linux have been affected by a critical zero-click vulnerability that could enable remote...

T1190

SC Media →

CSO Online CVE F5 Mar 31

5-month-old F5 BIG-IP DoS bug becomes critical RCE exploited in the wild

A vulnerability misclassified five months ago as a denial-of-service issue in F5 BIG-IP Access Policy Manager (APM) turned out to be a critical pre-authentic...

T1190 T1598 1 IOC

CSO Online →

SC Media CVE F5 Mar 31

F5 BIG-IP APM systems vulnerable to critical remote code execution flaw

The vulnerability, identified as CVE-2025-53521, allows attackers to gain complete control of affected servers through malicious traffic, enabling remote cod...

T1190 1 IOC

SC Media →

GBHackers Zero-Day Amazon Intel Mar 31

Claude AI Uncovers Zero-Day RCE Vulnerabilities in Vim and Emacs

Security researchers at Calif recently demonstrated the evolving power of artificial intelligence in vulnerability research by using Claude AI to uncover zer...

T1190

GBHackers →

Security Affairs Zero-Day Mar 30

It’s a mystery … alleged unpatched Telegram zero-day allows device takeover, but Telegram denies

A critical Telegram flaw could allow zero-click remote code execution on devices, but Telegram denies it. Researcher Michael DePlante (@izobashi) of TrendAI ...

T1190

Security Affairs →

BleepingComputer Vulnerability Disclosure F5 Mar 30

Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now

F5 has reclassified a BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE) flaw, warning that attackers are ex...

T1190

BleepingComputer →

Security Affairs CVE Fortinet Mar 30

Critical Fortinet FortiClient EMS flaw exploited for Remote Code Execution

Attackers are exploiting a critical Fortinet FortiClient EMS flaw (CVE-2026-21643) that allows remote code execution via SQL injection. A critical Fortinet F...

T1190 1 IOC

Security Affairs →

GBHackers Vulnerability Disclosure Amazon Mar 30

Critical Grafana Flaws Allow Attackers to Achieve Remote Code Execution

Grafana Labs has rolled out critical security updates to address two severe vulnerabilities impacting its widely used analytics and interactive visualization...

T1190

GBHackers →

Zero Day Initiative CVE Apple Mar 30

ZDI-26-230: Apple macOS CoreMedia Framework Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this v...

T1190 1 IOC

Zero Day Initiative →