SecurityWeek

Hackers Exploit Langflow Vulnerability for Remote Code Execution

Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.
The Hacker News

LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution

Three patched LangGraph flaws could let attackers chain SQL injection and unsafe deserialization for RCE in self-hosted ...

Malicious Hugging Face Models Could Trigger Remote Code Execution

A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI ...

Ivanti: Max severity Sentry flaw allows code execution as root

Ivanti has patched two critical vulnerabilities in its Sentry secure mobile gateway solution, including a maximum-severity ...
The Hacker News

GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks

npm 12 disables install scripts by default, requiring explicit approval to reduce dependency-based code execution risks.
Geeky Gadgets

LangChain Sandbox Run Untrusted Python Safely for AI Agents

Would you trust an AI agent to run unverified code on your system? For developers and AI practitioners, this question isn’t just hypothetical—it’s a critical challenge. The risks of executing ...
Tom's Hardware on MSN

Wide-ranging 7-Zip vulnerability with 8.8 CVE rating allows for code execution

Everyone, get your update hats on immediately, we're at DEFCON 1 ...