Topic

#remote-code-execution

2 articles exploring remote-code-execution. Expert insights and analysis from our editorial team.

Showing 1–2 of 2 articles
Related topics:
mcp-security cve-2026-30615 windsurf ai-ide-security prompt-injection zero-click

Articles

Newest first
Security

Windsurf CVE-2026-30615 Is the Only Zero-Click in the April MCP RCE Wave: HTML Rewrites the Config

CISA-ADP scored CVE-2026-30615 CVSS 8.0 HIGH, making Windsurf the sole zero-click IDE in the April MCP RCE wave: attacker HTML silently rewrites mcp.json with no user.
Security

SGLang's CVE-2026-5760 Turns a GGUF Download Into RCE, Shifting the Trust Boundary to Hugging Face

CVE-2026-5760 lets poisoned GGUF files trigger Jinja2 SSTI through SGLang's unsandboxed template rendering, forcing teams to treat hub downloads as executable code.
Browse All Topics