remote code execution
-
Big Model Security: Claude Desktop Extension Zero-Click Remote Code Execution Vulnerability
Claude Desktop Extensions (DXT) expose a zero-click remote code execution vulnerability based on indirect prompt injection, caused by a sandbox-less architecture that grants the AI agent full system privileges. The vulnerability exploits a design flaw in the MCP protocol, which lacks trust boundaries, allowing an attacker to achieve arbitrary code execution by contaminating external data sources. Despite the highest risk rating, the vendor refused to fix the vulnerability on the grounds that it was "outside of the threat model," sparking widespread controversy over the division of security responsibilities in the age of AI. This case highlights the fundamental security risks of AI agent systems in terms of privilege control and input validation.
Key points include:
1. High-privilege sandbox-less architecture: Claude DXT runs as a local MCP server, detached from the browser sandbox, inheriting all system privileges from the user, creating a high-risk attack surface.
2. Zero-click indirect prompt injection: The attacker embedded malicious commands in legitimate data sources such as Google Calendar, inducing the AI agent to fetch and mistakenly execute them on its own, with no user interaction required.
3. MCP Protocol Trust Boundary Failure: The Model Context Protocol allows the output of low-risk operations to directly trigger high-risk system calls, resulting in a "confused deputy" vulnerability that turns the AI into a springboard for attack.
-
Google Chrome V8 JavaScript Engine Type Confusion Remote Code Execution Vulnerability
CVE-2025-6554 is a Type Confusion vulnerability in the Google Chrome V8 JavaScript engine. Type Confusion is a common class of memory corruption vulnerabilities that can lead to unsafe memory operations when a program incorrectly interprets one data type as another, allowing an attacker to execute arbitrary code on the victim's system.
-
Fortinet Discloses High-Risk Security Vulnerability in FortiOS SSL VPN
Fortinet has disclosed a high-risk security vulnerability in FortiOS SSL VPN (CVE-2024-21762) that may have been exploited in the wild.
-
Multiple High-Risk Security Vulnerabilities Found in Rapid SCADA Open Source Industrial Automation Platform
Rapid Software LLC's industrial automation platform, Rapid SCADA, has been found to be susceptible to multiple critical vulnerabilities, posing significant risks of remote code execution, unauthorized access and privilege escalation. The Cybersecurity and Infrastructure Security Agency (CISA) has issued a bulletin detailing the potential vulnerabilities and urging immediate action.
-
Critical Remote Code Execution (RCE) Vulnerability Found in Juniper SRX Firewalls and EX Switches
Juniper Networks (NASDAQ: JNPR) has issued a security advisory fixing a critical Remote Code Execution (RCE) vulnerability in SRX Series Firewalls and EX Series Switches (CVE-2024-21591), as well as another high-risk vulnerability in Junos OS and Junos OS Evolved (CVE-2024-21611), which can be exploited by an unauthenticated network attacker to cause a denial of service.
-
KEV Catalog Adds 6 Exploited Vulnerabilities Involving Apple, Apache, Adobe, D-Link, Joomla!
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added six exploited vulnerabilities involving vendors including Apple, Apache, Adobe, D-Link and Joomla! to its KEV catalog. CVE-2023-41990 has been fixed by Apple but is still being exploited by unknown attackers. Affected users are advised to apply the relevant fixes to protect their networks.
-
Emergency notification: Apache Struts 2 high-risk vulnerability allows remote code execution - upgrade immediately
The Apache Struts code execution vulnerability (CVE-2023-50164) allows attackers to manipulate file upload parameters to perform path traversal and, in some cases, upload malicious files that execute arbitrary code.