devtake.dev

devtake.dev — #rceArticles tagged rce on devtake.dev.https://devtake.dev/en-usAn AI agent found 21 ways to attack FFmpeg, the codec library inside almost everythinghttps://devtake.dev/article/ffmpeg-21-zero-days/https://devtake.dev/article/ffmpeg-21-zero-days/DepthFirst's agent surfaced 21 FFmpeg zero-days for about $1,000. One 183-byte packet hits RCE. The deeper story is who pays the volunteers who fix them.Sat, 13 Jun 2026 13:00:00 GMTsecuritysecurityffmpegopen-sourcercevulnerabilityfuzzingluca-reinhardtVS Code's webview sandbox leaks GitHub tokens that read and write every private repohttps://devtake.dev/article/vscode-zero-day-github-token-theft/https://devtake.dev/article/vscode-zero-day-github-token-theft/A disclosed VS Code zero-day lets one click on a malicious github.dev notebook steal a GitHub OAuth token with full read-write access to every private repo.Wed, 03 Jun 2026 13:15:00 GMTsecuritysecuritygithubcredential-theftdev-toolsrcesupply-chainoauthluca-reinhardtGitHub banned the researcher dropping Windows zero-days. The code was already mirrored everywhere.https://devtake.dev/article/github-bans-researcher-windows-zero-day/https://devtake.dev/article/github-bans-researcher-windows-zero-day/GitHub wiped Nightmare-Eclipse's account on May 23 after weeks of unpatched Windows exploits. The ban reopened the oldest fight in security: who decides what research gets hosted?Fri, 29 May 2026 06:50:00 GMTsecuritysecuritygithubvulnerability-disclosurezero-daymicrosoftwindowssupply-chainrceluca-reinhardtA bad command-line parser turned every claude-cli:// link into a remote shellhttps://devtake.dev/article/claude-code-rce-deeplink-cve/https://devtake.dev/article/claude-code-rce-deeplink-cve/Joernchen of 0day.click found a deeplink RCE in Claude Code. Anthropic shipped the fix in 2.1.118 the same week.Wed, 20 May 2026 09:15:00 GMTsecuritysecurityanthropicclaude-coderceai-securitysupply-chainai-agentsdev-toolsluca-reinhardtF5 patched an 18-year-old NGINX bug. Attackers can RCE a third of the web with one crafted request.https://devtake.dev/article/nginx-rift-18-year-rce/https://devtake.dev/article/nginx-rift-18-year-rce/F5 disclosed CVE-2026-42945 on May 13 after depthfirst's analyzer found a heap overflow in a 2008 commit. NGINX 1.31.0 ships the patch, every Plus tier needs an upgrade.Thu, 14 May 2026 10:30:00 GMTsecuritysecuritynginxf5cve-2026-42945rceheap-overflowdepthfirstai-securityluca-reinhardtWiz found an RCE in GitHub's git-push pipeline. The patch shipped in six hours.https://devtake.dev/article/github-rce-cve-2026-3854-wiz/https://devtake.dev/article/github-rce-cve-2026-3854-wiz/CVE-2026-3854 is a CVSS 8.7 RCE in GitHub's git-push pipeline. github.com fixed it within hours. 88% of Enterprise Server installs were still vulnerable at disclosure.Wed, 29 Apr 2026 09:05:00 GMTsecuritygithubsecuritycve-2026-3854rcesupply-chainwizgithub-actionsdev-toolsluca-reinhardtA malicious GGUF file owns your SGLang server: CVE-2026-5760 is an unpatched 9.8https://devtake.dev/article/sglang-cve-2026-5760-gguf-rce/https://devtake.dev/article/sglang-cve-2026-5760-gguf-rce/SGLang's reranker renders chat templates without a sandbox. Load a hostile GGUF, hit /v1/rerank, and the attacker has Python on your inference box. No patch yet.Mon, 27 Apr 2026 11:30:00 GMTsecuritysglangcve-2026-5760supply-chainai-securityllmrcejinja2ggufluca-reinhardtprotobuf.js RCE: a 52M/week npm package was one bad type name from code executionhttps://devtake.dev/article/protobuf-javascript-rce-cve/https://devtake.dev/article/protobuf-javascript-rce-cve/GHSA-xq3m-2v4x-88gg hits protobuf.js ≤8.0.0 / ≤7.5.4. Attacker-controlled schemas executed arbitrary JS on decode. One-line fix patched it.Tue, 21 Apr 2026 12:00:00 GMTsecuritynpmprotobufjavascriptsupply-chainrceendor-labsgrpcluca-reinhardt