Overview
- n8n-io
- n8n
Description
Statistics
- 11 Posts
- 3 Interactions
Fediverse
RE: https://infosec.exchange/@cR0w/115849435087390469
LMFAO another one. 🥳
https://github.com/n8n-io/n8n/security/advisories/GHSA-v4pr-fm98-w9pg
https://www.cve.org/CVERecord?id=CVE-2026-21858 (not yet published)
Bluesky
Description
Statistics
- 6 Posts
- 2 Interactions
Fediverse
Huh, CVE-2009-0556 added to KEV? :blobcateyes: https://www.cisa.gov/news-events/alerts/2026/01/07/cisa-adds-two-known-exploited-vulnerabilities-catalog
Bluesky
Overview
- n8n-io
- n8n
Description
Statistics
- 4 Posts
- 3 Interactions
Fediverse
A second critical RCE flaw affects n8n – CVE-2026-21877: how to protect yourself? https://www.it-connect.fr/n8n-cve-2026-21877-faille-critique-rce/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #n8n
Bluesky
Overview
- Red Hat
- Red Hat build of Apache Camel for Spring Boot 4
- undertow-core
Description
Statistics
- 3 Posts
- 5 Interactions
Fediverse
https://access.redhat.com/security/cve/cve-2025-12543
A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests. As a result, requests containing malformed or malicious Host headers are processed without rejection, enabling attackers to poison caches, perform internal network scans, or hijack user sessions.
🔴 CVE-2025-12543 - Critical (9.6)
A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests. As a result, requests containing malform...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-12543/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda
Overview
- parallax
- jsPDF
Description
Statistics
- 3 Posts
- 2 Interactions
Fediverse
#jsPDF: Critical Path Traversal Vulnerability (CVE-2025-68428) in jsPDF - a widely-adopted #npm package for generating PDF documents in JavaScript applications allows attackers to read & exfiltrate arbitrary files from the local filesystem:
👇
https://www.endorlabs.com/learn/cve-2025-68428-critical-path-traversal-in-jspdf
Overview
Description
Statistics
- 3 Posts
- 4 Interactions
Fediverse
Reset the "Days since ASN1 vuln" sign to 0.
https://www.cve.org/CVERecord?id=CVE-2025-13151
Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string.
🟠 CVE-2025-13151 - High (7.5)
Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13151/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda
Description
Statistics
- 3 Posts
- 3 Interactions
Fediverse
'In 2025, the number of vulnerabilities from 2024 and earlier added to the catalog grew to 94, a 34% increase from a year earlier.
'The oldest vulnerability added to the KEV catalog in 2025 was CVE-2007-0671, a Microsoft Office Excel Remote Code Execution vulnerability.
'The oldest vulnerability in the catalog remains one from 2002 – CVE-2002-0367, a privilege escalation vulnerability in the Windows NT and Windows 2000 smss.exe debugging subsystem that has been known to be used in ransomware attacks'.
https://cyble.com/blog/cisa-kev-2025-exploited-vulnerabilities-growth/
Overview
- WatchGuard
- Mobile VPN with SSL Client
Description
Statistics
- 1 Post
- 6 Interactions
Fediverse
After coming across an outdated version of WatchGuard's Mobile VPN with SSL last year and being unable to quickly find a public proof of concept for CVE-2025-1910, we took a closer look and created one ourselves: https://lutrasecurity.com/en/articles/cve-2025-1910-watchguard-privilege-escalation/
Thanks to @tomtom of #AKASEC for finding the vulnerability and providing a great write-up!
Overview
Description
Statistics
- 1 Post
- 3 Interactions
Fediverse
Another video showing how incredibly easy the n8n RCE vulnerability (CVE-2025-68613) is.
Credit: http://youtube.com/@0xmrsecurity