Critical vulnerability in Ruby's standard library ERB:attackers can execute code

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...

Malicious code vulnerability with maximum rating threatens Firebird

The open-source database management system Firebird is vulnerable in several ways. It can allow malicious code onto systems.
The Hacker News

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...
TechRepublic

GitLab Vulnerability ‘Highlights the Double-Edged Nature of AI Assistants’

GitLab Vulnerability ‘Highlights the Double-Edged Nature of AI Assistants’ Your email has been sent A remote prompt injection flaw in GitLab Duo allowed attackers to steal private source code and ...
InfoWorld

GitHub rolls out AI-powered fixes for code vulnerabilities

Copilot Autofix, a new addition to the GitHub Advanced Security service, analyzes vulnerabilities in code and offers code suggestions to help developers fix them. GitHub has unveiled Copilot Autofix, ...

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...
Infosecurity-magazine.com

Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code

Vibe coding tools like Anthropic's Claude Code are flooding software with new vulnerabilities, Georgia Tech researchers have warned. At least 35 new common vulnerabilities and exposures (CVE) entries ...
The Hacker News

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

CVE-2026-5752 CVSS 9.3 flaw in Terrarium enables root code execution via Pyodide prototype traversal, risking container ...