24h | 7d | 30d

CVE-2026-21858

Overview

  • n8n-io
  • n8n
07 Jan 2026
Published
08 Jan 2026
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
0.03%
KEV

Description

n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker, resulting in exposure of sensitive information stored on the system and may enable further compromise depending on deployment configuration and workflow usage. This issue is fixed in version 1.121.0.

Statistics

  • 3 Posts
  • 13 Interactions
Last activity: 4 hours ago

Fediverse

Profile picture
hrbrmstr 🇺🇦 🇬🇱 🇨🇦 @hrbrmstr

this was some great and necessary debunking of the ridiculous attempt at a "look how cool we are” CVE assignment.

between this and the "it's actually not a real vuln from an internet-perspective" for the recent daft D-Link CVE assignment, the cyber part of 2026 is off to a really horrible start.

horizon3.ai/attack-research/at

  • 6
  • 5
  • 0
  • 22h ago
Profile picture
zeldman @zeldman

Tell your friends.

The vulnerability, tracked as CVE-2026-21858 (CVSS score: 10.0), has been codenamed Ni8mare by Cyera Research Labs. Security researcher Dor Attias discovered and reported it on November 9, 2025.

thehackernews.com/2026/01/crit

  • 2
  • 0
  • 0
  • 17h ago

Bluesky

Profile picture
OpsMatters @opsmatters.com
The latest update for #ArcticWolf includes "CVE-2026-21858: Critical Unauthenticated File Access Vulnerability in n8n 'Ni8mare'" and "2025 Year in Review: Building the Future of #SecurityOperations". #cybersecurity #infosec #networks https://opsmtrs.com/2ZFbaTl
  • 0
  • 0
  • 0
  • 4h ago

CVE-2025-14847

Overview

  • MongoDB Inc.
  • MongoDB Server
19 Dec 2025
Published
31 Dec 2025
Updated
CVSS v4.0
HIGH (8.7)
EPSS
69.62%
KEV

Description

Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 prior to 7.0.28 versions, MongoDB Server v8.0 versions prior to 8.0.17, MongoDB Server v8.2 versions prior to 8.2.3, MongoDB Server v6.0 versions prior to 6.0.27, MongoDB Server v5.0 versions prior to 5.0.32, MongoDB Server v4.4 versions prior to 4.4.30, MongoDB Server v4.2 versions greater than or equal to 4.2.0, MongoDB Server v4.0 versions greater than or equal to 4.0.0, and MongoDB Server v3.6 versions greater than or equal to 3.6.0.

Statistics

  • 3 Posts
Last activity: 3 hours ago

Bluesky

Profile picture
DeployHub, Inc. @deployhub.bsky.social
MongoBleed (CVE-2025-14847), a critical vulnerability in MongoDB's zlib1 message compression path - learn how it was done. https://cstu.io/d890f0
  • 0
  • 0
  • 0
  • 18h ago
Profile picture
OpsMatters @opsmatters.com
The latest update for #Sentrium includes "The Boardroom Case for #PenetrationTesting: Risk, Responsibility, and Resilience" and "MongoBleed: unauthenticated memory disclosure in #MongoDB (CVE-2025-14847)". #Cybersecurity #PenTesting #infosec https://opsmtrs.com/3aPKkxS
  • 0
  • 0
  • 0
  • 6h ago
Profile picture
Information Security Briefly @infosecbriefly.bsky.social
A zlib decompression flaw (CVE-2025-14847, MongoBleed) allows unauthenticated remote attackers to leak uninitialized memory and exfiltrate credentials from exposed MongoDB servers.
  • 0
  • 0
  • 0
  • 3h ago

CVE-2025-69194

Overview

  • wget2
09 Jan 2026
Published
10 Jan 2026
Updated
CVSS
Pending
EPSS
0.03%
KEV

Description

A security issue was discovered in GNU Wget2 when handling Metalink documents. The application fails to properly validate file paths provided in Metalink <file name> elements. An attacker can abuse this behavior to write files to unintended locations on the system. This can lead to data loss or potentially allow further compromise of the user’s environment.

Statistics

  • 3 Posts
  • 7 Interactions
Last activity: 17 hours ago

Fediverse

Profile picture
cR0w @cR0w

And a ../ :brdScream:

access.redhat.com/security/cve

  • 3
  • 4
  • 0
  • 20h ago
Profile picture
TheHackerWire @thehackerwire

🟠 CVE-2025-69194 - High (8.8)

A security issue was discovered in GNU Wget2 when handling Metalink documents. The application fails to properly validate file paths provided in Metalink elements. An attacker can abuse this behavior to write files to unintended locations on the ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda

  • 0
  • 0
  • 0
  • 17h ago

Bluesky

Profile picture
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
🚨 Security Update: #openSUSE Tumbleweed Patch NOW for libwget4 (CVE-2025-69194, CVE-2025-69195). Affects wget2. Moderate severity, but don't delay. Read more: 👉 tinyurl.com/3vs9dhmu #Security
  • 0
  • 0
  • 0
  • 23h ago

CVE-2025-69195

Overview

  • wget2
09 Jan 2026
Published
10 Jan 2026
Updated
CVSS
Pending
EPSS
0.08%
KEV

Description

A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. A remote attacker can exploit this by providing a specially crafted URL, which, upon user interaction with wget2, can lead to memory corruption. This can cause the application to crash and potentially allow for further malicious activities.

Statistics

  • 3 Posts
  • 1 Interaction
Last activity: 17 hours ago

Fediverse

Profile picture
cR0w @cR0w

DoS ( and maybe more? :crow_plead: ) in wget2.

access.redhat.com/security/cve

  • 0
  • 1
  • 0
  • 20h ago
Profile picture
TheHackerWire @thehackerwire

🟠 CVE-2025-69195 - High (7.6)

A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. A remote attacker...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda

  • 0
  • 0
  • 0
  • 17h ago

Bluesky

Profile picture
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
🚨 Security Update: #openSUSE Tumbleweed Patch NOW for libwget4 (CVE-2025-69194, CVE-2025-69195). Affects wget2. Moderate severity, but don't delay. Read more: 👉 tinyurl.com/3vs9dhmu #Security
  • 0
  • 0
  • 0
  • 23h ago

CVE-2025-37164

Overview

  • Hewlett Packard Enterprise (HPE)
  • HPE OneView
16 Dec 2025
Published
08 Jan 2026
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
81.31%
KEV

Description

A remote code execution issue exists in HPE OneView.

Statistics

  • 2 Posts
Last activity: 3 hours ago

Bluesky

Profile picture
guardian360.bsky.social @guardian360.bsky.social
CVE-2025-37164, which received a 10 CVSS score, was added to CISA's Known Exploited Vulnerabilities (KEV) catalog Wednesday. The remote code execution (RCE) vulnerability was first disclosed by HPE Dec.
  • 0
  • 0
  • 0
  • 19h ago
Profile picture
CyberHub @cyberhub.blog
📌 Critical RCE Flaw in HPE OneView (CVE-2025-37164) Actively Exploited https://www.cyberhub.blog/article/17839-critical-rce-flaw-in-hpe-oneview-cve-2025-37164-actively-exploited
  • 0
  • 0
  • 0
  • 3h ago

CVE-2026-21876

Overview

  • coreruleset
  • coreruleset
08 Jan 2026
Published
08 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.3)
EPSS
0.03%
KEV

Description

The OWASP core rule set (CRS) is a set of generic attack detection rules for use with compatible web application firewalls. Prior to versions 4.22.0 and 3.3.8, the current rule 922110 has a bug when processing multipart requests with multiple parts. When the first rule in a chain iterates over a collection (like `MULTIPART_PART_HEADERS`), the capture variables (`TX:0`, `TX:1`) get overwritten with each iteration. Only the last captured value is available to the chained rule, which means malicious charsets in earlier parts can be missed if a later part has a legitimate charset. Versions 4.22.0 and 3.3.8 patch the issue.

Statistics

  • 2 Posts
Last activity: 18 hours ago

Bluesky

Profile picture
Application Security Feed @appsecfeed.bsky.social
🗞️ CVE-2026-21876: Critical Multipart Charset Bypass Fixed in CRS 4.22.0 and 3.3.8 🔗 https://coreruleset.org/20260106/cve-2026-21876-critical-multipart-charset-bypass-fixed-in-crs-4.22.0-and-3.3.8/
  • 0
  • 0
  • 0
  • 22h ago
Profile picture
CyberHub @cyberhub.blog
📌 CVE-2026-21876: Critical OWASP ModSecurity CRS WAF Bypass Vulnerability Disclosed https://www.cyberhub.blog/article/17817-cve-2026-21876-critical-owasp-modsecurity-crs-waf-bypass-vulnerability-disclosed
  • 0
  • 0
  • 0
  • 18h ago

CVE-2025-70974

Overview

  • Alibaba
  • Fastjson
09 Jan 2026
Published
09 Jan 2026
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
0.06%
KEV

Description

Fastjson before 1.2.48 mishandles autoType because, when an @type key is in a JSON document, and the value of that key is the name of a Java class, there may be calls to certain public methods of that class. Depending on the behavior of those methods, there may be JNDI injection with an attacker-supplied payload located elsewhere in that JSON document. This was exploited in the wild in 2023 through 2025. NOTE: this issue exists because of an incomplete fix for CVE-2017-18349. Also, a later bypass is covered by CVE-2022-25845.

Statistics

  • 2 Posts
  • 8 Interactions
Last activity: 15 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

🔴 CVE-2025-70974 - Critical (10)

Fastjson before 1.2.48 mishandles autoType because, when an @type key is in a JSON document, and the value of that key is the name of a Java class, there may be calls to certain public methods of that class. Depending on the behavior of those meth...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda

  • 0
  • 0
  • 0
  • 17h ago
Profile picture
cR0w @cR0w

Perfect 10 in Fastjson. 🥳

It's funny that it appears to be a challenging enough bug that it bypassed at least two previous fixes.

cve.org/CVERecord?id=CVE-2025-

Fastjson before 1.2.48 mishandles autoType because, when an @type key is in a JSON document, and the value of that key is the name of a Java class, there may be calls to certain public methods of that class. Depending on the behavior of those methods, there may be JNDI injection with an attacker-supplied payload located elsewhere in that JSON document. This was exploited in the wild in 2023 through 2025. NOTE: this issue exists because of an incomplete fix for CVE-2017-18349. Also, a later bypass is covered by CVE-2022-25845.

  • 3
  • 5
  • 0
  • 15h ago

CVE-2025-69258

Overview

  • Trend Micro, Inc.
  • Trend Micro Apex Central
08 Jan 2026
Published
09 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
0.15%
KEV

Description

A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations.

Statistics

  • 2 Posts
Last activity: 10 hours ago

Bluesky

Profile picture
CyberHub @cyberhub.blog
📌 Trend Micro Patches Critical RCE Flaw in Apex Central for Windows (CVE-2025-69258) https://www.cyberhub.blog/article/17828-trend-micro-patches-critical-rce-flaw-in-apex-central-for-windows-cve-2025-69258
  • 0
  • 0
  • 0
  • 10h ago
Profile picture
Giovanni Popolizio @giovanni-popolizio.bsky.social
Trend Micro Apex Central: Vulnerabilità RCE con CVSS 9.8 Vulnerabilità Critica RCE Apex Central è, per molte aziende, il cuore silenzioso della sicurezza. È la console che governa... www.aiutocomputerhelp.it?p=16524 #Apex_Central #CVE_2025_69258 #CVE_2025_69259 #CVE_2025_69260 #news #Vulnerabilità
  • 0
  • 0
  • 0
  • 23h ago

CVE-2026-21877

Overview

  • n8n-io
  • n8n
08 Jan 2026
Published
08 Jan 2026
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
0.05%
KEV

Description

n8n is an open source workflow automation platform. In versions 0.121.2 and below, an authenticated attacker may be able to execute malicious code using the n8n service. This could result in full compromise and can impact both self-hosted and n8n Cloud instances. This issue is fixed in version 1.121.3. Administrators can reduce exposure by disabling the Git node and limiting access for untrusted users, but upgrading to the latest version is recommended.

Statistics

  • 1 Post
  • 5 Interactions
Last activity: 23 hours ago

Fediverse

Profile picture
Dr. Christopher Kunz @christopherkunz

Uh... how is github.com/n8n-io/n8n/security (CVE-2026-21877) a 10.0 with PR:L? That is not possible, either it's a 9.9 or it has PR:N.

  • 1
  • 4
  • 0
  • 23h ago

CVE-2025-67004

Overview

  • Pending
09 Jan 2026
Published
09 Jan 2026
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

An Information Disclosure vulnerability in CouchCMS 2.4 allow an Admin user to read arbitrary files via traversing directories back after back. It can Disclosure the source code or any other confidential information if weaponize accordingly.

Statistics

  • 1 Post
  • 4 Interactions
Last activity: 18 hours ago

Fediverse

Profile picture
cR0w @cR0w

../ in CouchCMS.

cve.org/CVERecord?id=CVE-2025-

  • 1
  • 3
  • 0
  • 18h ago
Showing 1 to 10 of 106 CVEs