
Overview

  • n8n-io
  • n8n

25 Feb 2026
Published
26 Feb 2026
Updated

CVSS v4.0
CRITICAL (9.5)
EPSS
0.26%

KEV

Description

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, a second-order expression injection vulnerability existed in n8n's Form nodes that could allow an unauthenticated attacker to inject and evaluate arbitrary n8n expressions by submitting crafted form data. When chained with an expression sandbox escape, this could escalate to remote code execution on the n8n host. The vulnerability requires a specific workflow configuration to be exploitable. First, a Form node must have a field that interpolates a value provided by an unauthenticated user, e.g. a submitted form value. Second, the field value must begin with an `=` character, which caused n8n to treat it as an expression and triggered a double evaluation of the field content. There is no practical reason for a workflow designer to prefix a field with `=` intentionally: the character is not rendered in the output, so the result would not match the designer's expectations. If added accidentally, it would be noticeable and very unlikely to persist. An unauthenticated attacker would need to either know about this specific circumstance on a target instance or discover a matching form by chance. Even when the preconditions are met, the expression injection alone is limited to data accessible within the n8n expression context. Escalation to remote code execution requires chaining with a separate sandbox escape vulnerability. The issue has been fixed in n8n versions 2.10.1, 2.9.3, and 1.123.22. Users should upgrade to one of these versions or later to remediate the vulnerability. If upgrading is not immediately possible, administrators should consider the following temporary mitigations: review usage of Form nodes manually for the above-mentioned preconditions, disable the Form node by adding `n8n-nodes-base.form` to the `NODES_EXCLUDE` environment variable, and/or disable the Form Trigger node by adding `n8n-nodes-base.formTrigger` to the `NODES_EXCLUDE` environment variable. These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.

Statistics

  • 1 Post

Last activity: 4 hours ago

Bluesky

Zero-Click Nightmare: How a Simple {{77}} in n8n Grants Unauthenticated RCE (CVE-2026-27493) + Video Introduction Server-Side Template Injection (SSTI) remains one of the most overlooked yet devastating vulnerabilities in modern web applications. When combined with n8n – a popular workflow…
  • 0
  • 0
  • 0
  • 4h ago

Overview

  • Ubiquiti Inc
  • UniFi Play PowerAmp

13 Apr 2026
Published
13 Apr 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
Pending

KEV

Description

A malicious actor with access to the UniFi Play network could exploit a Path Traversal vulnerability found in the device firmware to write files on the system that could be used for a remote code execution (RCE).

Affected Products:
  • UniFi Play PowerAmp (Version 1.0.35 and earlier)
  • UniFi Play Audio Port (Version 1.0.24 and earlier)

Mitigation:
  • Update UniFi Play PowerAmp to Version 1.0.38 or later
  • Update UniFi Play Audio Port to Version 1.1.9 or later

Statistics

  • 1 Post

Last activity: 1 hour ago

Fediverse


🚨 CVE-2026-22562: CRITICAL path traversal (CWE-22) in Ubiquiti UniFi Play PowerAmp ≤1.0.35 & Audio Port ≤1.0.24 enables unauth RCE via arbitrary file write. Patch to 1.0.38+/1.1.9+ ASAP! radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 1h ago

Overview

  • MervinPraison
  • PraisonAI

14 Apr 2026
Published
14 Apr 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
Pending

KEV

Description

PraisonAI is a multi-agent teams system. In versions below 4.5.139 of PraisonAI and 1.5.140 of praisonaiagents, the workflow engine is vulnerable to arbitrary command and code execution through untrusted YAML files. When praisonai workflow run <file.yaml> loads a YAML file with type: job, the JobWorkflowExecutor in job_workflow.py processes steps that support run: (shell commands via subprocess.run()), script: (inline Python via exec()), and python: (arbitrary Python script execution)—all without any validation, sandboxing, or user confirmation. The affected code paths include action_run() in workflow.py and _exec_shell(), _exec_inline_python(), and _exec_python_script() in job_workflow.py. An attacker who can supply or influence a workflow YAML file (particularly in CI pipelines, shared repositories, or multi-tenant deployment environments) can achieve full arbitrary command execution on the host system, compromising the machine and any accessible data or credentials. This issue has been fixed in versions 4.5.139 of PraisonAI and 1.5.140 of praisonaiagents.

Statistics

  • 1 Post

Last activity: 4 hours ago

Fediverse


🚨 CVE-2026-40288 (CRITICAL, CVSS 9.8): PraisonAI <4.5.139 vulnerable to OS command injection via untrusted YAML files. Attackers can achieve full system compromise. Upgrade ASAP! More: radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 4h ago

Overview

  • wpeverest
  • User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder

03 Mar 2026
Published
08 Apr 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
32.68%

KEV

Description

The User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to improper privilege management in all versions up to, and including, 5.1.2. This is due to the plugin accepting a user-supplied role during membership registration without properly enforcing a server-side allowlist. This makes it possible for unauthenticated attackers to create administrator accounts by supplying a role value during membership registration.

Statistics

  • 1 Post

Last activity: 23 hours ago

Bluesky

CVE-2026-1492: Critical WordPress Plugin Flaw Grants Admin Takeover – Patch Now! + Video Introduction: A newly disclosed authentication bypass vulnerability (CVE-2026-1492) in the User Registration & Membership plugin for WordPress (versions ≤5.1.2) allows unauthenticated attackers to gain full…
  • 0
  • 0
  • 0
  • 23h ago

Overview

  • Cisco
  • Cisco Secure Firewall Management Center (FMC)

04 Mar 2026
Published
25 Mar 2026
Updated

CVSS v3.1
CRITICAL (10.0)
EPSS
0.79%

Description

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java byte stream. An attacker could exploit this vulnerability by sending a crafted serialized Java object to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the device and elevate privileges to root. Note: If the FMC management interface does not have public internet access, the attack surface that is associated with this vulnerability is reduced.

Statistics

  • 1 Post

Last activity: 16 hours ago

Bluesky

~Recordedfuture~ Interlock ransomware is actively exploiting Cisco FMC zero-day (CVE-2026-20131) for root access. - IOCs: 37. 27. 244. 222, CVE-2026-20131 - #CVE202620131 #Ransomware #ThreatIntel
  • 0
  • 0
  • 0
  • 16h ago

Overview

  • Pending

Pending
Published
Pending
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
  • 15 Interactions

Last activity: 2 hours ago

Fediverse


🚨 Composer 2.9.6 and 2.2.27 are out with fixes for CVE-2026-40261 and CVE-2026-40176, both command injection issues in the Perforce driver. Run composer self-update now. No exploitation detected on Packagist.org and Private Packagist. Details on our blog: blog.packagist.com/composer-2- #php #phpc #composerphp

  • 9
  • 6
  • 0
  • 2h ago

Overview

  • Pending

Pending
Published
Pending
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
  • 15 Interactions

Last activity: 2 hours ago

Fediverse


🚨 Composer 2.9.6 and 2.2.27 are out with fixes for CVE-2026-40261 and CVE-2026-40176, both command injection issues in the Perforce driver. Run composer self-update now. No exploitation detected on Packagist.org and Private Packagist. Details on our blog: blog.packagist.com/composer-2- #php #phpc #composerphp

  • 9
  • 6
  • 0
  • 2h ago

Overview

  • Apache Software Foundation
  • Apache Tomcat

09 Apr 2026
Published
10 Apr 2026
Updated

CVSS
Pending
EPSS
0.05%

KEV

Description

CLIENT_CERT authentication does not fail as expected in some scenarios when soft fail is disabled and FFM is used in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M14 through 11.0.20, from 10.1.22 through 10.1.53, from 9.0.92 through 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fix the issue.

Statistics

  • 1 Post

Last activity: 18 hours ago

Fediverse


Multiple Apache Tomcat vulnerabilities have been disclosed, including a critical EncryptInterceptor bypass (CVE-2026-34486) resulting from a flawed security patch, and issues related to padding oracle attacks and certificate authentication (CVE-2026-34500). Administrators are urged to update to the latest secure releases to mitigate these risks.
cybersecuritynews.com/apache-t

  • 0
  • 0
  • 0
  • 18h ago

Overview

  • Microsoft
  • Windows 11 Version 24H2

11 Nov 2025
Published
14 Apr 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
0.19%

Description

Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.

Statistics

  • 2 Posts
  • 3 Interactions

Last activity: 15 hours ago

Fediverse


CISA Adds Seven Known Exploited Vulnerabilities to Catalog

CVE-2012-1854 Visual Basic for Applications Insecure Library Loading

CVE-2020-9715 Adobe Acrobat Use-After-Free

CVE-2023-21529 Microsoft Exchange Deserialization of Untrusted

CVE-2023-36424 Microsoft Windows Out-of-Bounds Read

CVE-2025-60710 Microsoft Windows Link Following

CVE-2026-21643 Fortinet SQL Injection

CVE-2026-34621 Adobe Acrobat Reader Prototype

cisa.gov/news-events/alerts/20

#cybersecurity #cisa #adobe #microsoft

  • 0
  • 3
  • 0
  • 15h ago

Bluesky

~Cisa~ CISA added 7 actively exploited vulnerabilities to the KEV catalog, urging immediate patching. - IOCs: CVE-2026-21643, CVE-2026-34621, CVE-2025-60710 - #CISA #KEV #threatintel
  • 0
  • 0
  • 0
  • 16h ago

Overview

  • Fortinet
  • FortiClientEMS

06 Feb 2026
Published
14 Apr 2026
Updated

CVSS v3.1
CRITICAL (9.1)
EPSS
13.70%

Description

An improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.

Statistics

  • 2 Posts
  • 3 Interactions

Last activity: 15 hours ago

Fediverse


CISA Adds Seven Known Exploited Vulnerabilities to Catalog

CVE-2012-1854 Visual Basic for Applications Insecure Library Loading

CVE-2020-9715 Adobe Acrobat Use-After-Free

CVE-2023-21529 Microsoft Exchange Deserialization of Untrusted

CVE-2023-36424 Microsoft Windows Out-of-Bounds Read

CVE-2025-60710 Microsoft Windows Link Following

CVE-2026-21643 Fortinet SQL Injection

CVE-2026-34621 Adobe Acrobat Reader Prototype

cisa.gov/news-events/alerts/20

#cybersecurity #cisa #adobe #microsoft

  • 0
  • 3
  • 0
  • 15h ago

Bluesky

~Cisa~ CISA added 7 actively exploited vulnerabilities to the KEV catalog, urging immediate patching. - IOCs: CVE-2026-21643, CVE-2026-34621, CVE-2025-60710 - #CISA #KEV #threatintel
  • 0
  • 0
  • 0
  • 16h ago
Showing 31 to 40 of 43 CVEs