The Hacker News

Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution

Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential theft.
Network World

Google discloses serious Linux stack-buffer overflow bug in widely used C library

A Google security engineer studying an SSH connection to a host unexpectedly discovered a deeper, darker secret in the GNU C Library (glibc). Google later proved that a bug in this library could be ...
Bleeping Computer

QNAP QTS zero-day in Share feature gets public RCE exploit

An extensive security audit of QNAP QTS, the operating system for the company's NAS products, has uncovered fifteen vulnerabilities of varying severity, with eleven remaining unfixed. Among them is ...
Threat Post

Patched Code Execution Bug Affects Most Android Users

Researchers at IBM disclosed a serious buffer overflow vulnerability in Android 4.3 and earlier that could lead to code execution. The bug is patched in KitKat, but most users are on older versions. A ...
ZDNet

Green Dam exploit in the wild

An exploit for a flaw in censorware mandated by the Chinese government has been made publicly available for download on the internet. The buffer overflow flaw exists in the latest, patched version of ...
Threat Post

Critical Flaws in VNC Threaten Industrial Environments

Some of the bugs allow remote code-execution. The open-source Virtual Network Computing (VNC) project, often found in industrial environments, is plagued with 37 different memory-corruption ...