SecurityWeek

N8n Vulnerabilities Could Lead to Remote Code Execution

Two vulnerabilities in n8n’s sandbox mechanism could be exploited for remote code execution (RCE) on the host system.
SecurityWeek

High-Severity Remote Code Execution Vulnerability Patched in OpenSSL

OpenSSL updates released on Tuesday patch a dozen vulnerabilities, including a high-severity remote code execution flaw.
Infosecurity Magazine

Critical and High Severity n8n Sandbox Flaws Allow RCE

Two critical security flaws in n8n have exposed sandboxing vulnerabilities, enabling remote code execution for attackers ...
The Hacker News

Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution

Researchers disclosed two n8n vulnerabilities that let authenticated users bypass JavaScript and Python sandboxes to run ...
CSO Online

Ivanti patches two actively exploited critical vulnerabilities in EPMM

The code injection flaws allow for unauthenticated remote code execution on Ivanti Endpoint Manager Mobile deployments, but ...
Que.com on MSN

SmarterMail patches critical unauthenticated RCE flaw rated CVSS 9.3

SmarterMail administrators have an urgent security update to prioritize: a critical unauthenticated remote code execution (RCE) vulnerability with a CVSS ...
The Hacker News

SolarWinds Fixes Four Critical Web Help Desk Flaws With Unauthenticated RCE and Auth Bypass

SolarWinds fixed six Web Help Desk vulnerabilities, including four critical flaws that allow unauthenticated remote code ...
The Register on MSN

Anthropic quietly fixed flaws in its Git MCP server that allowed for remote code execution

Prompt injection for the win Anthropic has fixed three bugs in its official Git MCP server that researchers say can be ...
Infosecurity Magazine

Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core

A critical sandbox escape vulnerability in Grist-Core has been disclosed that allows remote code execution (RCE) through a ...