A design choice in the MCP SDKs allows remote code execution across the AI supply chain.

Antigravity Strict Mode bypass disclosed Jan 7, 2026, patched Feb 28, enables arbitrary code execution via fd -X flag.

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...

They're serious. Notices about arbitrary code execution (ACE) vulnerabilities appear just about every week in alerts from US-CERT — the United States Computer Emergency Readiness Team, a part of the ...

ESET researchers discovered a code execution vulnerability in WPS Office for Windows (CVE⁠-⁠2024⁠-⁠7262), as it was being exploited by APT-C-60, a South Korea-aligned cyberespionage group. Upon ...

A new vulnerability has been discovered in the R programming language that allows arbitrary code execution upon deserializing specially crafted RDS and RDX files. R is an open-source programming ...

Docker has released security fixes for a critical vulnerability affecting its AI-assisted feature known as Ask Gordon. The issue could allow attackers to trigger arbitrary code execution under certain ...

Networking hardware maker DrayTek released an advisory to warn about a security vulnerability in several Vigor router models that could allow remote, unauthenticated actors to execute perform ...

Oasis Security has uncovered a flaw in the widely used AI-powered code editor Cursor that lets malicious repositories silently execute code the moment a developer opens them. According to a disclosure ...

Anthropic PBC’s official Git Model Context Protocol server has several security vulnerabilities that can lead to arbitrary file access and, in some scenarios, full remote code execution triggered ...