Overview
Description
n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker, resulting in exposure of sensitive information stored on the system and may enable further compromise depending on deployment configuration and workflow usage. This issue is fixed in version 1.121.0.
Statistics
- 4 Posts
- 2 Interactions
Last activity: 20 hours ago
Bluesky
Scan results for n8n CVE-2026-21858 (CVSS 10.0 RCE) for 2026-01-09: 105,753 vulnerable instances by unique IP found - out of 230,562 IPs with n8n we see that day.
Dashboard Tree Map view: dashboard.shadowserver.org/statistics/c...
IP data in Vulnerable HTTP: www.shadowserver.org/what-we-do/n...
Deconstructing the n8n Critical RCE (CVE-2026-21858) and the Death of Implicit Trust.
www.linkedin.com/pulse/invisi...
Thank you to Validin for the collaboration on the scan!
Dashboard World Map view:
dashboard.shadowserver.org/statistics/c...
CVE-2026-21858 Tracker:
dashboard.shadowserver.org/statistics/c...
Advisory with patch info: github.com/n8n-io/n8n/s...
NVD entry: nvd.nist.gov/vuln/detail/...
The NI8MARE Nightmare: How a Perfect 100 CVSS in n8n Exposes Your Automation to Total Takeover +Â Video
Introduction: A critical vulnerability, dubbed "NI8MARE" and tracked as CVE-2026-21858, has been disclosed in the popular workflow automation platform n8n, earning the maximum severity rating of…
Overview
- SmarterTools
- SmarterMail
29 Dec 2025
Published
09 Jan 2026
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
10.87%
KEV
Description
Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution.
Statistics
- 3 Posts
- 2 Interactions
Last activity: 2 hours ago
Fediverse
watchTowr has published a technical analysis of a CVSS 10 pre-auth RCE vulnerability in SmartTool's SmarterMail business email platform.
The vulnerability (CVE-2025-52691) was silently patched in Oct and publicly disclosed only a few months later in Dec
Bluesky
📢 SmarterMail: RCE pré-auth (CVE-2025-52691) via endpoint d’upload non authentifié et traversée de chemin
📝 Selon un billet techn…
https://cyberveille.ch/posts/2026-01-10-smartermail-rce-pre-auth-cve-2025-52691-via-endpoint-dupload-non-authentifie-et-traversee-de-chemin/ #CVE_2025_52691 #Cyberveille
Overview
- parallax
- jsPDF
05 Jan 2026
Published
06 Jan 2026
Updated
CVSS v4.0
CRITICAL (9.2)
EPSS
0.08%
KEV
Description
jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first argument of the loadFile method in the node.js build allows local file inclusion/path traversal. If given the possibility to pass unsanitized paths to the loadFile method, a user can retrieve file contents of arbitrary files in the local file system the node process is running in. The file contents are included verbatim in the generated PDFs. Other affected methods are `addImage`, `html`, and `addFont`. Only the node.js builds of the library are affected, namely the `dist/jspdf.node.js` and `dist/jspdf.node.min.js` files. The vulnerability has been fixed in jsPDF@4.0.0. This version restricts file system access per default. This semver-major update does not introduce other breaking changes. Some workarounds areavailable. With recent node versions, jsPDF recommends using the `--permission` flag in production. The feature was introduced experimentally in v20.0.0 and is stable since v22.13.0/v23.5.0/v24.0.0. For older node versions, sanitize user-provided paths before passing them to jsPDF.
Statistics
- 1 Post
- 4 Interactions
Last activity: 15 hours ago
Fediverse
❗️CVE-2025-68428: Critical Path Traversal in jsPDF
GitHub: https://github.com/12nio/CVE-2025-68428_PoC
CVSS: 9.2
CVE Published: January 5th, 2026
Exploit Published: January 8th, 2026
News source: https://www.bleepingcomputer.com/news/security/critical-jspdf-flaw-lets-hackers-steal-secrets-via-generated-pdfs/
Overview
- Airoha Technology Corp.
- AB156x, AB157x, AB158x, AB159x series, AB1627
04 Aug 2025
Published
05 Aug 2025
Updated
CVSS
Pending
EPSS
0.04%
KEV
Description
In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protocol through Bluetooth LE GATT service. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Statistics
- 1 Post
- 2 Interactions
Last activity: 5 hours ago
Bluesky
Airoha Bluetooth RACE vulnerabilities (CVE-2025-20700/20701/20702)
Blog post: insinuator.net/2025/12/blue...
White paper: static.ernw.de/whitepaper/E...
Credits Dennis Heinze, Frieder Steinmetz
#infosec #bluetooth
Overview
Description
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.
Statistics
- 1 Post
- 2 Interactions
Last activity: 16 hours ago
Fediverse
⚠️ If you are running Next.js, you need to see this.
The "React2Shell" vulnerability (CVE-2025-55182) is currently making waves, and for good reason. Unauthenticated RCE on default configurations is about as critical as it gets for modern web frameworks.
If you haven't audited your versions yet, do it now.
See the full technical breakdown: 👉 https://www.cvedatabase.com/cve/CVE-2025-55182
Overview
Description
Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)
Statistics
- 1 Post
- 1 Interaction
Last activity: 3 hours ago
Bluesky
🚨 Attention #Fedora Users! A critical security update is available for your Chromium browser. Version 143.0.7499.192 patches a high-severity vulnerability (CVE-2026-0628) that could let malicious sites bypass security rules. Read more: 👉 tinyurl.com/3xk6ta5d #Security
Overview
- adonisjs
- core
02 Jan 2026
Published
05 Jan 2026
Updated
CVSS v4.0
CRITICAL (9.2)
EPSS
0.32%
KEV
Description
AdonisJS is a TypeScript-first web framework. A Path Traversal vulnerability in AdonisJS multipart file handling may allow a remote attacker to write arbitrary files to arbitrary locations on the server filesystem. This impacts @adonisjs/bodyparser through version 10.1.1 and 11.x prerelease versions prior to 11.0.0-next.6. This issue has been patched in @adonisjs/bodyparser versions 10.1.2 and 11.0.0-next.6.
Statistics
- 1 Post
- 1 Interaction
Last activity: 16 hours ago
Fediverse
❗️CVE-2026-21440: A critical path traversal vulnerability affecting the AdonisJS framework, specifically its multipart file upload handling.
PoC Exploit: https://github.com/Ashwesker/Ashwesker-CVE-2026-21440
▪️CVSS: 9.2
▪️CVE Published: January 2nd, 2026
▪️Exploit Published: January 5th, 2026
Details:
AdonisJS is a TypeScript-first web framework. A Path Traversal vulnerability in AdonisJS multipart file handling may allow a remote attacker to write arbitrary files to arbitrary locations on the server filesystem. This impacts @adonisjs/bodyparser through version 10.1.1 and 11.x prerelease versions prior to 11.0.0-next.6. This issue has been patched in @adonisjs/bodyparser versions 10.1.2 and 11.0.0-next.6.
Overview
- Vito Peleg
- Atarim
- atarim-visual-collaboration
06 Nov 2025
Published
17 Nov 2025
Updated
CVSS
Pending
EPSS
10.74%
KEV
Description
Insertion of Sensitive Information Into Sent Data vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Retrieve Embedded Sensitive Data.This issue affects Atarim: from n/a through <= 4.2.
Statistics
- 1 Post
- 1 Interaction
Last activity: 17 hours ago
Fediverse
❗️CVE-2025-60188: Atarim Plugin PoC Exploit
GitHub: https://github.com/m4sh-wacker/CVE-2025-60188-Atarim-Plugin-Exploit
Overview
- The Tcpdump Group
- libpcap
31 Dec 2025
Published
02 Jan 2026
Updated
CVSS v3.1
LOW (1.9)
EPSS
0.02%
KEV
Description
pcap_ether_aton() is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented. If an application calls the function with an argument that deviates from the expected format, the function can read data beyond the end of the provided string and write data beyond the end of the allocated buffer.
Statistics
- 1 Post
Last activity: 20 hours ago
Bluesky
🚨 THREAD: Critical libpcap vulnerability CVE-2025-11961 threatens network security infrastructure. Read more: 👉 tinyurl.com/wurd46hn #Security #Mageia
Overview
- coreruleset
- coreruleset
08 Jan 2026
Published
08 Jan 2026
Updated
CVSS v3.1
CRITICAL (9.3)
EPSS
0.03%
KEV
Description
The OWASP core rule set (CRS) is a set of generic attack detection rules for use with compatible web application firewalls. Prior to versions 4.22.0 and 3.3.8, the current rule 922110 has a bug when processing multipart requests with multiple parts. When the first rule in a chain iterates over a collection (like `MULTIPART_PART_HEADERS`), the capture variables (`TX:0`, `TX:1`) get overwritten with each iteration. Only the last captured value is available to the chained rule, which means malicious charsets in earlier parts can be missed if a later part has a legitimate charset. Versions 4.22.0 and 3.3.8 patch the issue.
Statistics
- 1 Post
Last activity: Last hour
Bluesky
đź“Ś Critical WAF Bypass Vulnerability (CVE-2026-21876) Affects OWASP ModSecurity and Coraza https://www.cyberhub.blog/article/17896-critical-waf-bypass-vulnerability-cve-2026-21876-affects-owasp-modsecurity-and-coraza