What is Lyrie Research?

Lyrie Research is an autonomous cybersecurity intelligence platform publishing verified threat intelligence including critical CVEs, active exploitation reports, breach analysis, and original research — every article cross-validated by 3+ primary sources.

How does Lyrie.ai protect against rogue AI threats?

Lyrie.ai uses machine-speed autonomous defense to detect and neutralize rogue AI, prompt injection, and AI supply chain attacks. It responds before human analysts can react.

What cybersecurity topics does Lyrie Research cover?

Lyrie Research covers CVE deep dives, CISA KEV actively exploited vulnerabilities, data breach forensics, original cybersecurity research, and AI threat intelligence including agent-based attacks.

How often is Lyrie Research updated?

Lyrie Research is updated continuously by the autonomous Lyrie Sentinel engine, publishing new threat intelligence multiple times daily as new CVEs, exploits, and breaches are confirmed.

Is Lyrie Research free to access?

Yes, all articles on Lyrie Research are freely accessible. For active protection by the same intelligence engine, visit lyrie.ai.

← Home

#RCE

86 stories tagged.

When Prompts Become Shells: CVE-2026-25592 & CVE-2026-26030 Prove AI Agent Frameworks Are the New OS — And They Have Root Bugs

10 min · 0 sources

The Firewall That Opened the Door: CVE-2026-0300 PAN-OS Captive Portal Zero-Day Under Active State-Sponsored Exploitation

10 min · 0 sources

When the Framework Is the Vulnerability: Semantic Kernel RCE, MCP's Architectural Flaw, and the Collapse of the AI Agent Trust Boundary

11 min · 0 sources

Your Firewall Is the Exploit: CVE-2026-0300 Grants Root RCE on Palo Alto PA-Series via Captive Portal Buffer Overflow — No Patch Yet

10 min · 0 sources

The Early Reset Kill Chain: CVE-2026-23918 Apache HTTP/2 Double-Free Enables Unauthenticated DoS and Working RCE PoC

10 min · 0 sources

The Protocol That Became the Weapon: MCP Tool Poisoning, Adversarial ML, and the Client-Side Attack Class Breaking Every AI Agent You Deploy

11 min · 0 sources

The Web Server the World Forgot to Patch: CVE-2026-23918 and the Apache HTTP/2 Double-Free That Opens 60% of the Internet to RCE

8 min · 0 sources

The Eyes That Guard You Are Blind: Five Critical CVEs Turn GeoVision Surveillance Hardware Into an Attacker's Beachhead

11 min · 0 sources

The Protocol That Owns Your Developer: MCP STDIO Command Injection, 200,000 Exposed Servers, and Why Anthropic Called It a Feature

11 min · 0 sources

Your AI Coding Agent Is the Attacker Now: CVE-2026-26268, the Gemini CLI CVSS 10, and Why the Developer Toolchain Is 2026's Hottest Attack Surface

10 min · 0 sources

The Incomplete Patch Trilogy: Apache MINA's Deserialization Crisis and the Allowlist That Wasn't (CVE-2026-42779, CVE-2026-42778, CVE-2026-41635)

10 min · 0 sources

Thirty Patches, Four Craters: Chrome 147's Critical Use-After-Free Cluster and What Happens When AI Finds Bugs Faster Than Humans Can Ship Updates

10 min · 0 sources

The Protocol That Runs Everything and Trusts Everything: MCP's STDIO Architectural Flaw and the 200,000 AI Servers That Inherited It

12 min · 0 sources

The Patch That Made Things Worse: CVE-2026-35616's Textbook Header-Spoofing Bypass Turned Your Endpoint Security Manager Into the Attacker's Pivot

9 min · 0 sources

Ten Hours to Zero: How CVE-2026-39987 Turned Every Exposed Marimo Notebook Into a Blockchain Botnet Node

10 min · 0 sources

LiteLLM: Authenticated command execution via MCP stdio test endpoints

4 min · 1 sources

The Agentic Kill Chain: How MCP's Architectural RCE and In-the-Wild Prompt Injection Are Converging Into a New Attack Class

13 min · 0 sources

Hidden for 13 Years, Weaponized in Hours: The Full Exploitation Chain Behind Apache ActiveMQ CVE-2026-34197

10 min · 0 sources

The Endpoint Manager Is the Breach: FortiClient EMS CVE-2026-35616 and the Double Zero-Day Siege on Enterprise Endpoint Security

10 min · 0 sources

The Screen That Pwned the Building: Samsung MagicINFO 9 Server's Double Path-Traversal Crisis (CVE-2024-7399 + CVE-2025-4632)

10 min · 0 sources

#RCE

Master Key Over Wi-Fi: CVE-2026-0073 Android Zero-Click ADB Auth Bypass — PoC Now Public

When Prompts Become Shells: CVE-2026-25592 & CVE-2026-26030 and the New Attack Surface Every AI Team Is Missing

CVE-2026-0300: The PAN-OS Captive Portal Zero-Day That Handed State Actors Root on 225,000 Firewalls

The Mother of All AI Supply Chains: MCP's Architectural RCE Flaw and What It Means for Every AI Agent You Deploy

When Prompts Become Shells: RCE in AI Agent Frameworks and the Architecture of Trust Collapse

Burning the Perimeter: CVE-2026-0300 — Unauthenticated Root RCE in Palo Alto PAN-OS Actively Exploited

When Prompts Become Shells: The Agentic AI Framework RCE Epidemic of 2026

Two Frames to Own the Server: CVE-2026-23918 and the Apache HTTP/2 Double-Free That Stole May's Patch Cycle

The Trust Boundary Is Gone: 2026's Cascade of Agentic AI CVEs Proves the Framework Layer Is Now Critical Infrastructure

When Prompts Become Shells: CVE-2026-25592 & CVE-2026-26030 Prove AI Agent Frameworks Are the New OS — And They Have Root Bugs

The Firewall That Opened the Door: CVE-2026-0300 and the State-Sponsored Operation Hiding Inside Your Perimeter

Prompts as Shells: How AI Agent Frameworks Became the Most Dangerous New Attack Surface of 2026

The Mother of All AI Supply Chains: Anthropic's MCP Architectural Flaw Puts 200,000 Servers and 150M Downloads at Risk

The Firewall That Opened the Door: CVE-2026-0300 PAN-OS Captive Portal Zero-Day Under Active State-Sponsored Exploitation

Two Frames, One Crash: CVE-2026-23918 and the Apache HTTP/2 Double-Free That Unlocks Unauthenticated RCE

CVE-2026-0300: The PAN-OS Captive Portal Zero-Day That Handed State Actors the Keys to the Kingdom

The Firewall Flipped: CVE-2026-0300 Turns PAN-OS Captive Portal Into a State-Sponsored Entry Point

When the Framework Is the Vulnerability: Semantic Kernel RCE, MCP's Architectural Flaw, and the Collapse of the AI Agent Trust Boundary

The Device Manager Is Compromised: Ivanti EPMM's Five-CVE Zero-Day Bundle and the January Credential Domino

Root on the Perimeter: CVE-2026-0300 — The PAN-OS Captive Portal Zero-Day Being Exploited by State Actors Right Now

Firewall as Entry Point: CVE-2026-0300 PAN-OS Captive Portal RCE and the State-Sponsored Campaign That Moved First

The Third Layer: How AI Agent Skill Ecosystems Became the Supply Chain That No Scanner Can See

Your Firewall Is the Exploit: CVE-2026-0300 Grants Root RCE on Palo Alto PA-Series via Captive Portal Buffer Overflow — No Patch Yet

The Early Reset Kill Chain: CVE-2026-23918 Apache HTTP/2 Double-Free Enables Unauthenticated DoS and Working RCE PoC

The Protocol That Became the Weapon: MCP Tool Poisoning, Adversarial ML, and the Client-Side Attack Class Breaking Every AI Agent You Deploy

The Web Server the World Forgot to Patch: CVE-2026-23918 and the Apache HTTP/2 Double-Free That Opens 60% of the Internet to RCE

The Eyes That Guard You Are Blind: Five Critical CVEs Turn GeoVision Surveillance Hardware Into an Attacker's Beachhead

The Protocol That Owns Your Developer: MCP STDIO Command Injection, 200,000 Exposed Servers, and Why Anthropic Called It a Feature

Your AI Coding Agent Is the Attacker Now: CVE-2026-26268, the Gemini CLI CVSS 10, and Why the Developer Toolchain Is 2026's Hottest Attack Surface

The Incomplete Patch Trilogy: Apache MINA's Deserialization Crisis and the Allowlist That Wasn't (CVE-2026-42779, CVE-2026-42778, CVE-2026-41635)

One git push to Own GitHub: The X-Stat Header Injection Behind CVE-2026-3854

The Notebook Is the Network: CVE-2026-39987's Unauthenticated Shell Became a Blockchain Botnet in Under Ten Hours

CVE-2024-21413: Microsoft Outlook NTLM Credential Theft — Moniker Link Attack

CVE-2025-4428: Ivanti EPMM Remote Code Execution — Expression Injection via API

CVE-2025-32756: Fortinet FortiVoice Stack Overflow RCE — CVSS 9.6 Zero-Day

CVE-2025-34028: Commvault Command Center Path Traversal — CVSS 10.0

CVE-2025-31324: SAP NetWeaver Unrestricted File Upload — CVSS 10.0 Actively Exploited

CVE-2025-20188: Cisco IOS XE Wireless Controller RCE — Perfect CVSS 10.0

CVE-2025-27480: Windows Remote Desktop Services Use-After-Free RCE — Wormable Potential

CVE-2025-24985: Windows Fast FAT Driver Integer Overflow — Remote Code Execution via Disk Image

CVE-2025-32433: Erlang/OTP SSH RCE — Perfect CVSS 10.0, No Authentication Required

CVE-2025-1974: Kubernetes IngressNightmare — CVSS 9.8 Unauthenticated RCE

CVE-2025-22457: Ivanti Connect Secure Stack Overflow RCE — China-Nexus APT Exploitation

One Push to Own Them All: CVE-2026-3854 and the Injection Flaw Inside GitHub's git Pipeline

CVE-2025-30065: Apache Parquet RCE — Perfect CVSS 10.0 Score

CVE-2025-23006: SonicWall SMA100 Pre-Auth RCE — CVSS 9.8 Critical

CVE-2025-0282: Ivanti Connect Secure Pre-Auth RCE — Actively Exploited (CVSS 9.0)

Thirty Patches, Four Craters: Chrome 147's Critical Use-After-Free Cluster and What Happens When AI Finds Bugs Faster Than Humans Can Ship Updates

The AI Notebook That Left Its Terminal Open: CVE-2026-39987 and the Zero-Auth Shell Inside Your Data Science Stack

The Agent Removed the Human: Prompt Injection, Git Hooks, and the Collapse of the Developer Workstation Perimeter

The 136-Day Invisible Exploit: CVE-2026-34621's Prototype Pollution Turned Adobe's JavaScript Sandbox Into a Lie

The Protocol That Runs Everything and Trusts Everything: MCP's STDIO Architectural Flaw and the 200,000 AI Servers That Inherited It

The MCP Path Traversal Epidemic: How AI Tool Servers Became the New Attack Surface

Open the PDF, Own the Machine: CVE-2026-34621's Four-Month Silent Zero-Day in Adobe Acrobat

The Protocol Is the Exploit: How MCP's Architectural Flaw Turned 150 Million AI Downloads Into an Attack Surface

The Patch That Made Things Worse: CVE-2026-35616's Textbook Header-Spoofing Bypass Turned Your Endpoint Security Manager Into the Attacker's Pivot

Ten Hours to Zero: How CVE-2026-39987 Turned Every Exposed Marimo Notebook Into a Blockchain Botnet Node

LiteLLM: Authenticated command execution via MCP stdio test endpoints

The Agentic Kill Chain: How MCP's Architectural RCE and In-the-Wild Prompt Injection Are Converging Into a New Attack Class

Hidden for 13 Years, Weaponized in Hours: The Full Exploitation Chain Behind Apache ActiveMQ CVE-2026-34197

The Endpoint Manager Is the Breach: FortiClient EMS CVE-2026-35616 and the Double Zero-Day Siege on Enterprise Endpoint Security

The Screen That Pwned the Building: Samsung MagicINFO 9 Server's Double Path-Traversal Crisis (CVE-2024-7399 + CVE-2025-4632)

The Foundation Is the Vulnerability: How MCP's Architectural RCE Flaw Put 200,000 AI Servers at Risk

The Screen Takeover: Samsung MagicINFO CVE-2024-7399 & CVE-2025-4632 — Mirai Now Owns Your Digital Signage

Comment and Control: How Prompt Injection Became a Production Exploit Across Every Major AI Coding Agent

AI Infrastructure Under Siege: MCP's Architectural RCE and the Indirect Prompt Injection Epidemic Arrive Simultaneously

CVE-2024-4577: PHP CGI Windows Character Encoding RCE

CVE-2024-3400: Palo Alto GlobalProtect Perfect-10 Command Injection

CVE-2026-39987: Marimo Pre-Auth RCE — Root in One Request

CVE-2024-7399: Samsung MagicINFO Path Traversal to SYSTEM-Level RCE

CVE-2024-4577: PHP-CGI RCE via Windows Best-Fit Character Conversion

CVE-2023-46604: Apache ActiveMQ OpenWire Deserialization RCE

Your AI Dev Stack Is the Attack Surface: CVE-2026-39987 (Marimo) and CVE-2026-5760 (SGLang) Signal a New Threat Class

CISA: CVE-2026-39987 added to Known Exploited Vulnerabilities — Marimo Marimo

CISA: CVE-2026-1340 added to Known Exploited Vulnerabilities — Ivanti Endpoint Manager Mobile (EPMM)

CISA: CVE-2025-53521 added to Known Exploited Vulnerabilities — F5 BIG-IP

CISA adds CVE-2025-32432 to KEV: Craft CMS code injection to RCE

CISA: CVE-2024-37079 added to Known Exploited Vulnerabilities — Broadcom VMware vCenter Server

CISA: CVE-2025-14733 added to Known Exploited Vulnerabilities — WatchGuard Firebox