Just found a 1-click RCE in pewdiepie's Odysseus Chat
Summary
A researcher discovered a 1-click remote code execution vulnerability in PewDiePie's Odysseus Chat and is submitting a PR to fix it.
Similar Articles
Another 1-click admin account takeover in pewdiepie's AI tool (language in video nsfw)
A security vulnerability allowing 1-click admin account takeover has been discovered in PewDiePie's AI tool.
Claude Code RCE: Exploiting Deeplink Handlers via Settings Injection
A security researcher discovered a Remote Code Execution (RCE) vulnerability in Claude Code caused by improper parsing of deeplink settings, allowing arbitrary command injection via hooks. The issue has been resolved in version 2.1.118.
Full Disclosure: 1-Click GitHub Token Stealing via a VSCode Bug
A security researcher discloses a critical vulnerability in VSCode's webview that allows attackers to steal full-access GitHub OAuth tokens by luring users to click a link. The bug affects the github.dev web editor.
CVE-2026-46529: 10-year-old RCE in Linux PDF Viewer (XReader/Evince/Atril)
A security researcher discovered CVE-2026-46529, a 10-year-old remote code execution vulnerability in Linux PDF viewers XReader, Evince, and Atril, caused by insufficient argument quoting when spawning child processes to open remote document links.
A 0-click exploit chain for the Pixel 10
Google Project Zero published a zero-click exploit chain for the Pixel 10, leveraging a Dolby vulnerability and a new VPU driver flaw to achieve root access on Android.