TechRadar

This SmarterMail vulnerability allows Remote Code Execution - here's what we know

SmarterMail patched CVE-2025-52691, a maximum-severity RCE flaw allowing unauthenticated arbitrary file uploads Exploitation could let attackers deploy web shells or malware, steal data, and pivot ...
Bleeping Computer

MongoDB warns admins to patch severe vulnerability immediately

Update 12/26/25: Article updated to correct that the flaw has not been officially classified as an RCE. MongoDB has warned IT admins to immediately patch a high-severity memory-read vulnerability that ...
InfoWorld

Critical vulnerability in IBM API Connect could allow authentication bypass

Rated 9.8 out of 10 in severity, the flaw could allow a remote attacker to gain unauthorized access to applications. IBM is urging customers to quickly patch a critical vulnerability in its API ...
Bleeping Computer

IBM warns of critical API Connect auth bypass vulnerability

IBM urged customers to patch a critical authentication bypass vulnerability in its API Connect enterprise platform that could allow attackers to access apps remotely. API Connect is an application ...
The Indianapolis Star

Who are Indianapolis Colts free agents in 2026? Daniel Jones, Alec Pierce, Philip Rivers

The Indianapolis Colts (8-7) have been eliminated from AFC playoff contention. They won seven of their first eight games before the schedule toughened, quarterback Daniel Jones suffered two injuries — ...
Hosted on MSN

This WebUI vulnerability allows remote code execution - here's how to stay safe

Open WebUI carried CVE-2025-64496, a high-severity code injection flaw in Direct Connection features Exploitation could enable account takeover and RCE via malicious model URLs and Functions API ...