The samba team has released a patch for a Remote Code Execution bug that affects all versions between 3.5.0 and 4.6.3/4.5.9/4.4.13. This vulnerability will allow a malicious attacker to upload a library to a writable share then cause the server to execute that library.  Patches are available from the samba.org. 
May 25, 2017
March 9, 2017
A critical vulnerability has been discovered and released in the Apache Struts 2 framework. Patches are available from Apache. 
This vulnerability allows for unauthenticated, remote code execution on the server. Further, there are at least two known public exploits for this vulnerability  and ISP has already started to see scanning and exploit attempts against campus systems.
February 3, 2017
WordPress has fixed several critical flaws in its content management system, addressing cross-site scripting and sql injection bugs, along with a severe privilege escalation / content injection vulnerability.