The Hacker News

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Two critical n8n flaws (CVSS 9.4, 9.5) enable RCE via expression sandbox escape and public forms, risking credential exposure ...
SecurityWeek

Critical N8n Vulnerabilities Allowed Server Takeover

Two critical-severity n8n vulnerabilities could have led to unauthenticated remote code execution, sandbox escape, and credential theft.

Iran-nexus hackers target flaws in surveillance cameras

The threat activity echoes prior exploitation during the Israeli war with Hamas, a precursor to attacks against critical ...
Bleeping Computer

QNAP fixes critical QVR remote command execution vulnerability

QNAP has released several security advisories today, one of them for a critical security issue that allows remote execution of arbitrary commands on vulnerable QVR systems, the company's video ...
SecurityWeek

VMware Aria Operations Vulnerability Exploited in the Wild

CVE-2026-22719, a recently patched vulnerability in VMware Aria Operations, has been exploited in the wild, CISA warned.
Bleeping Computer

Latest Remote Command Execution news

Cisco finally patched a maximum-severity AsyncOS zero-day exploited in attacks targeting Secure Email Gateway (SEG) appliances since November 2025. Modern attacks have shifted focus to the browser, ...
Hosted on MSN

Libraseva urges users to patch now as it issues emergency fix following attacks

Libraesva patched CVE-2025-59689, a medium-severity remote command execution vulnerability Attack exploited compressed email attachments; threat actor likely a ...