24h | 7d | 30d

Overview

  • icu

27 May 2025
Published
22 Jan 2026
Updated

CVSS
Pending
EPSS
0.03%

KEV

Description

A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.

Statistics

  • 1 Post

Last activity: 1 hour ago

Bluesky

Profile picture fallback
🔍 Lambda Watchdog detected that CVE-2025-5222 is no longer present in latest AWS Lambda base image scans. https://github.com/aws/aws-lambda-base-images/issues/300 #AWS #Lambda #Security #CVE #DevOps #SecOps
  • 0
  • 0
  • 0
  • 1h ago

Overview

  • Pending

17 Nov 2018
Published
05 Aug 2024
Updated

CVSS
Pending
EPSS
0.17%

KEV

Description

pkg/sentry/kernel/shm/shm.go in Google gVisor before 2018-11-01 allows attackers to overwrite memory locations in processes running as root (but not escape the sandbox) via vectors involving IPC_RMID shmctl calls, because reference counting is mishandled.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 17 hours ago

Fediverse

Profile picture fallback

To compare #sydbox and #gvisor, take 2 CVEs: CVE-2018-19333, gvisor proc2proc arbitrary-memory-write which wasn't classified as sandbox break. Vuln is there because gvisor uses the seccomp-trap API to run all in a single process ignoring ASLR.. CVE-2024-42318 aka Houdini is a #landlock break where a keyrings(7) call would unlock the sandbox. Syd wasn't affected: 1. keyrings is def disabled 2. open call happens in a syd emulator thread confined by same landlock sandbox. #exherbo #linux #security

  • 1
  • 1
  • 0
  • 17h ago

Overview

  • Linux
  • Linux

17 Aug 2024
Published
03 Nov 2025
Updated

CVSS
Pending
EPSS
0.01%

KEV

Description

In the Linux kernel, the following vulnerability has been resolved: landlock: Don't lose track of restrictions on cred_transfer When a process' cred struct is replaced, this _almost_ always invokes the cred_prepare LSM hook; but in one special case (when KEYCTL_SESSION_TO_PARENT updates the parent's credentials), the cred_transfer LSM hook is used instead. Landlock only implements the cred_prepare hook, not cred_transfer, so KEYCTL_SESSION_TO_PARENT causes all information on Landlock restrictions to be lost. This basically means that a process with the ability to use the fork() and keyctl() syscalls can get rid of all Landlock restrictions on itself. Fix it by adding a cred_transfer hook that does the same thing as the existing cred_prepare hook. (Implemented by having hook_cred_prepare() call hook_cred_transfer() so that the two functions are less likely to accidentally diverge in the future.)

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 17 hours ago

Fediverse

Profile picture fallback

To compare #sydbox and #gvisor, take 2 CVEs: CVE-2018-19333, gvisor proc2proc arbitrary-memory-write which wasn't classified as sandbox break. Vuln is there because gvisor uses the seccomp-trap API to run all in a single process ignoring ASLR.. CVE-2024-42318 aka Houdini is a #landlock break where a keyrings(7) call would unlock the sandbox. Syd wasn't affected: 1. keyrings is def disabled 2. open call happens in a syd emulator thread confined by same landlock sandbox. #exherbo #linux #security

  • 1
  • 1
  • 0
  • 17h ago

Overview

  • Ivanti
  • Endpoint Manager Mobile

29 Jan 2026
Published
30 Jan 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
0.18%

KEV

Description

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 23 hours ago

Fediverse

Profile picture fallback

This Ivanti Endpoint Manager Mobile (IPMM) security advisory seems to fit the timeline of the incident: forums.ivanti.com/s/article/Se

  • 1
  • 0
  • 0
  • 23h ago

Overview

  • Ivanti
  • Endpoint Manager Mobile

29 Jan 2026
Published
30 Jan 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
16.41%

Description

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 23 hours ago

Fediverse

Profile picture fallback

This Ivanti Endpoint Manager Mobile (IPMM) security advisory seems to fit the timeline of the incident: forums.ivanti.com/s/article/Se

  • 1
  • 0
  • 0
  • 23h ago

Overview

  • n8n-io
  • n8n

07 Jan 2026
Published
12 Jan 2026
Updated

CVSS v3.1
CRITICAL (10.0)
EPSS
5.37%

KEV

Description

n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker, resulting in exposure of sensitive information stored on the system and may enable further compromise depending on deployment configuration and workflow usage. This issue is fixed in version 1.121.0.

Statistics

  • 1 Post

Last activity: 12 hours ago

Bluesky

Profile picture fallback
n8nで複数の重大な脆弱性、大規模スキャンも観測(CVE-2026-25049,CVE-2026-21858) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 0
  • 0
  • 0
  • 12h ago

Overview

  • n8n-io
  • n8n

19 Dec 2025
Published
22 Dec 2025
Updated

CVSS v3.1
CRITICAL (10.0)
EPSS
71.72%

KEV

Description

n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulnerability in their workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An authenticated attacker could abuse this behavior to execute arbitrary code with the privileges of the n8n process. Successful exploitation may lead to full compromise of the affected instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations. This issue has been fixed in versions 1.120.4, 1.121.1, and 1.122.0. Users are strongly advised to upgrade to a patched version, which introduces additional safeguards to restrict expression evaluation. If upgrading is not immediately possible, administrators should consider the following temporary mitigations: Limit workflow creation and editing permissions to fully trusted users only; and/or deploy n8n in a hardened environment with restricted operating system privileges and network access to reduce the impact of potential exploitation. These workarounds do not fully eliminate the risk and should only be used as short-term measures.

Statistics

  • 1 Post

Last activity: Last hour

Bluesky

Profile picture fallback
The flaw, tracked as CVE-2026-25049 (CVSS score: 9.4), is the result of inadequate sanitization that bypasses safeguards put in place to address CVE-2025-68613 (CVSS score: 9.9), another critical defect that was patched by n8n in December 2025. thehackernews.com/2026/02/cr...
  • 0
  • 0
  • 0
  • Last hour
Showing 31 to 37 of 37 CVEs