Ubiquiti patches three max severity UniFi OS vulnerabilities

Ubiquiti has released security updates to patch three maximum severity vulnerabilities in UniFi OS that can be exploited by remote attackers without privileges.
Bleeping Computer

Latest Command Injection news

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging the ...
Dark Reading

Max-Critical Cisco Bug Enables Command-Injection Attacks

Cisco is warning of a critical security vulnerability found in its Unified industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB) access points that could allow an ...
Dark Reading

Patch Now: Critical Flaw in OT Robot OS Gives Attackers Control

An attacker can exploit the command injection flaw to gain remote access to robotic systems, causing significant disruption ...
SecurityWeek

Critical Vulnerability Exposes Industrial Robot Fleets to Hacking

Universal Robots PolyScope 5 is affected by CVE-2026-8153, a vulnerability that can be exploited to hack industrial robots.
Infosecurity-magazine.com

Google’s Bazel Exposed to Command Injection Threat

Security researchers have recently unearthed a supply-chain vulnerability within Bazel, one of Google’s flagship open-source products. The flaw centered around a command injection vulnerability in a ...

200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's how to audit your deployments.
CSOonline

Chaos-Mesh flaws put Kubernetes clusters at risk of full takeover

Four newly discovered vulnerabilities in the fault simulation platform can lead to OS command injection and cluster takeover, even from unprivileged pods. Researchers have found critical ...