February 9, 2026

Bugs

Chainlit AI Framework Flaws Enable Data Theft via File Read and SSRF Bugs

Admin04 mins mins

Ravie LakshmananJan 21, 2026Vulnerability / Artificial Intelligence Security vulnerabilities were uncovered in the popular open-source artificial intelligence (AI) framework Chainlit that could allow attackers to steal sensitive data, which may allow for lateral movement within a susceptible organization. Zafran Security said the high-severity flaws, collectively dubbed ChainLeak, could be abused to leak cloud environment API…

Read More

Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution

Admin05 mins mins

A maximum-severity security flaw has been disclosed in React Server Components (RSC) that, if successfully exploited, could result in remote code execution. The vulnerability, tracked as CVE-2025-55182, carries a CVSS score of 10.0. The vulnerability has been codenamed React2shell. It allows “unauthenticated remote code execution by exploiting a flaw in how React decodes payloads sent…

Read More

Microsoft Teams Bugs Let Attackers Impersonate Colleagues and Edit Messages Unnoticed

Admin03 mins mins

Nov 04, 2025Ravie Lakshmanan Cybersecurity researchers have disclosed details of four security flaws in Microsoft Teams that could have exposed users to serious impersonation and social engineering attacks. The vulnerabilities “allowed attackers to manipulate conversations, impersonate colleagues, and exploit notifications,” Check Point said in a report shared with The Hacker News. Following responsible disclosure in…

Read More