Overview
Description
n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker, resulting in exposure of sensitive information stored on the system and may enable further compromise depending on deployment configuration and workflow usage. This issue is fixed in version 1.121.0.
Statistics
- 5 Posts
- 2 Interactions
Last activity: 9 hours ago
Bluesky
Scan results for n8n CVE-2026-21858 (CVSS 10.0 RCE) for 2026-01-09: 105,753 vulnerable instances by unique IP found - out of 230,562 IPs with n8n we see that day.
Dashboard Tree Map view: dashboard.shadowserver.org/statistics/c...
IP data in Vulnerable HTTP: www.shadowserver.org/what-we-do/n...
Deconstructing the n8n Critical RCE (CVE-2026-21858) and the Death of Implicit Trust.
www.linkedin.com/pulse/invisi...
The latest update for #ArcticWolf includes "CVE-2026-21858: Critical Unauthenticated File Access Vulnerability in n8n 'Ni8mare'" and "2025 Year in Review: Building the Future of #SecurityOperations".
#cybersecurity #infosec #networks https://opsmtrs.com/2ZFbaTl
Thank you to Validin for the collaboration on the scan!
Dashboard World Map view:
dashboard.shadowserver.org/statistics/c...
CVE-2026-21858 Tracker:
dashboard.shadowserver.org/statistics/c...
Advisory with patch info: github.com/n8n-io/n8n/s...
NVD entry: nvd.nist.gov/vuln/detail/...
The NI8MARE Nightmare: How a Perfect 100 CVSS in n8n Exposes Your Automation to Total Takeover + Video
Introduction: A critical vulnerability, dubbed "NI8MARE" and tracked as CVE-2026-21858, has been disclosed in the popular workflow automation platform n8n, earning the maximum severity rating of…
Overview
Description
A remote code execution issue exists in HPE OneView.
Statistics
- 3 Posts
- 1 Interaction
Last activity: 16 hours ago
Fediverse
CISA urges emergency patching after a critical HPE OneView vulnerability (CVE-2025-37164) with active exploitation - Check your versions and update to OneView v11.00 or later now.
Read: https://hackread.com/cisa-emergency-patching-exploit-hpe-oneview-flaw/
Bluesky
CISA urges emergency patching after a critical HPE OneView vulnerability (CVE-2025-37164) with active exploitation - Check your versions and update to OneView v11.00 or later now.
Read: hackread.com/cisa-emergen...
#Cybersecurity #HPE #OneView #CISA #Vulnerability
📌 Critical RCE Flaw in HPE OneView (CVE-2025-37164) Actively Exploited https://www.cyberhub.blog/article/17839-critical-rce-flaw-in-hpe-oneview-cve-2025-37164-actively-exploited
Overview
- SmarterTools
- SmarterMail
29 Dec 2025
Published
09 Jan 2026
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
10.87%
KEV
Description
Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution.
Statistics
- 2 Posts
Last activity: 8 hours ago
Bluesky
Do Smart People Ever Say They’re Smart? (SmarterTools SmarterMail Pre-Auth RCE CVE-2025-52691)
📢 SmarterMail: RCE pré-auth (CVE-2025-52691) via endpoint d’upload non authentifié et traversée de chemin
📝 Selon un billet techn…
https://cyberveille.ch/posts/2026-01-10-smartermail-rce-pre-auth-cve-2025-52691-via-endpoint-dupload-non-authentifie-et-traversee-de-chemin/ #CVE_2025_52691 #Cyberveille
Overview
- parallax
- jsPDF
05 Jan 2026
Published
06 Jan 2026
Updated
CVSS v4.0
CRITICAL (9.2)
EPSS
0.06%
KEV
Description
jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first argument of the loadFile method in the node.js build allows local file inclusion/path traversal. If given the possibility to pass unsanitized paths to the loadFile method, a user can retrieve file contents of arbitrary files in the local file system the node process is running in. The file contents are included verbatim in the generated PDFs. Other affected methods are `addImage`, `html`, and `addFont`. Only the node.js builds of the library are affected, namely the `dist/jspdf.node.js` and `dist/jspdf.node.min.js` files. The vulnerability has been fixed in jsPDF@4.0.0. This version restricts file system access per default. This semver-major update does not introduce other breaking changes. Some workarounds areavailable. With recent node versions, jsPDF recommends using the `--permission` flag in production. The feature was introduced experimentally in v20.0.0 and is stable since v22.13.0/v23.5.0/v24.0.0. For older node versions, sanitize user-provided paths before passing them to jsPDF.
Statistics
- 1 Post
- 4 Interactions
Last activity: 4 hours ago
Fediverse
❗️CVE-2025-68428: Critical Path Traversal in jsPDF
GitHub: https://github.com/12nio/CVE-2025-68428_PoC
CVSS: 9.2
CVE Published: January 5th, 2026
Exploit Published: January 8th, 2026
News source: https://www.bleepingcomputer.com/news/security/critical-jspdf-flaw-lets-hackers-steal-secrets-via-generated-pdfs/
Overview
Description
Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).
Statistics
- 1 Post
- 6 Interactions
Last activity: 21 hours ago
Fediverse
Cool bug 🐞
CVE-2025-4802: Arbitrary library path #vulnerability in static setuid binary in #GLIBC
https://hackyboiz.github.io/2025/12/03/millet/cve-2025-4802/
Overview
- vercel
- next.js
21 Mar 2025
Published
08 Apr 2025
Updated
CVSS v3.1
CRITICAL (9.1)
EPSS
92.90%
KEV
Description
Next.js is a React framework for building full-stack web applications. Starting in version 1.11.4 and prior to versions 12.3.5, 13.5.9, 14.2.25, and 15.2.3, it is possible to bypass authorization checks within a Next.js application, if the authorization check occurs in middleware. If patching to a safe version is infeasible, it is recommend that you prevent external user requests which contain the x-middleware-subrequest header from reaching your Next.js application. This vulnerability is fixed in 12.3.5, 13.5.9, 14.2.25, and 15.2.3.
Statistics
- 2 Posts
- 7 Interactions
Last activity: 15 hours ago
Bluesky
Previous from HackTheBox features CVE-2025-29927 (NextJS middleware auth bypass), directory traversal for file read, and three ways to abuse a Terraform sudo rule with !env_reset to get root.
Overview
Description
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.
Statistics
- 1 Post
- 2 Interactions
Last activity: 5 hours ago
Fediverse
⚠️ If you are running Next.js, you need to see this.
The "React2Shell" vulnerability (CVE-2025-55182) is currently making waves, and for good reason. Unauthenticated RCE on default configurations is about as critical as it gets for modern web frameworks.
If you haven't audited your versions yet, do it now.
See the full technical breakdown: 👉 https://www.cvedatabase.com/cve/CVE-2025-55182
Overview
- adonisjs
- core
02 Jan 2026
Published
05 Jan 2026
Updated
CVSS v4.0
CRITICAL (9.2)
EPSS
0.32%
KEV
Description
AdonisJS is a TypeScript-first web framework. A Path Traversal vulnerability in AdonisJS multipart file handling may allow a remote attacker to write arbitrary files to arbitrary locations on the server filesystem. This impacts @adonisjs/bodyparser through version 10.1.1 and 11.x prerelease versions prior to 11.0.0-next.6. This issue has been patched in @adonisjs/bodyparser versions 10.1.2 and 11.0.0-next.6.
Statistics
- 1 Post
- 1 Interaction
Last activity: 6 hours ago
Fediverse
❗️CVE-2026-21440: A critical path traversal vulnerability affecting the AdonisJS framework, specifically its multipart file upload handling.
PoC Exploit: https://github.com/Ashwesker/Ashwesker-CVE-2026-21440
▪️CVSS: 9.2
▪️CVE Published: January 2nd, 2026
▪️Exploit Published: January 5th, 2026
Details:
AdonisJS is a TypeScript-first web framework. A Path Traversal vulnerability in AdonisJS multipart file handling may allow a remote attacker to write arbitrary files to arbitrary locations on the server filesystem. This impacts @adonisjs/bodyparser through version 10.1.1 and 11.x prerelease versions prior to 11.0.0-next.6. This issue has been patched in @adonisjs/bodyparser versions 10.1.2 and 11.0.0-next.6.
Overview
- Cisco
- Cisco Identity Services Engine Software
07 Jan 2026
Published
07 Jan 2026
Updated
CVSS v3.1
MEDIUM (4.9)
EPSS
0.03%
KEV
Description
A vulnerability in the licensing features of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to gain access to sensitive information.
This vulnerability is due to improper parsing of XML that is processed by the web-based management interface of Cisco ISE and Cisco ISE-PIC. An attacker could exploit this vulnerability by uploading a malicious file to the application. A successful exploit could allow the attacker to read arbitrary files from the underlying operating system that could include sensitive data that should otherwise be inaccessible even to administrators. To exploit this vulnerability, the attacker must have valid administrative credentials.
Statistics
- 1 Post
- 1 Interaction
Last activity: 19 hours ago
Bluesky
Cisco released updates for a medium-severity ISE and Snort 3 flaws, including CVE-2026-20029 with a public PoC, and reports no exploitation so far.
Overview
- Vito Peleg
- Atarim
- atarim-visual-collaboration
06 Nov 2025
Published
17 Nov 2025
Updated
CVSS
Pending
EPSS
10.74%
KEV
Description
Insertion of Sensitive Information Into Sent Data vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Retrieve Embedded Sensitive Data.This issue affects Atarim: from n/a through <= 4.2.
Statistics
- 1 Post
- 1 Interaction
Last activity: 6 hours ago
Fediverse
❗️CVE-2025-60188: Atarim Plugin PoC Exploit
GitHub: https://github.com/m4sh-wacker/CVE-2025-60188-Atarim-Plugin-Exploit