n8n Security Flaws Could Let Attackers Achieve Remote Code Execution
A set of critical vulnerabilities in the popular workflow automation platform n8n has raised serious security concerns, with researchers warning that attacke...
MITRE ATT&CK Mapping
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
T1190 — Exploit Public-Facing Application (Initial Access)
Clear filter186 articles found
Exploitation of Critical NGINX Vulnerability Begins
The flaw leads to denial-of-service on default configurations and to remote code execution if ASLR is disabled. The post Exploitation of Critical NGINX Vulne...
Claude Code Vulnerability Allows Attackers to Run Commands Through Crafted Deeplinks
A recently disclosed flaw in Claude Code allowed attackers to execute arbitrary system commands using a single crafted deeplink URL, turning a convenience fe...
[local] Remote Sunrise Helper for Windows 2026.14 - Remote Code Execution
Remote Sunrise Helper for Windows 2026.
AI agent finds 18-year-old remote code execution flaw in Nginx
Researchers have found a critical vulnerability in the widely used Nginx web server that can potentially lead to remote code execution under certain conditio...
18-year-old NGINX vulnerability allows DoS, potential RCE
An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for denial of service and, under ce...
Critical Exim vulnerability allows remote code execution
The vulnerability, a user-after-free flaw, occurs during the TLS shutdown process when handling chunked SMTP traffic.
Windows DNS Client Security Flaw Exposes Systems to Remote Code Execution
Windows systems worldwide are at risk from a new critical flaw in the Windows DNS Client that could allow remote code execution without any user interaction....
Siemens Simcenter Femap
View CSAF Summary Simcenter Femap is affected by heap based buffer overflow vulnerability in Datakit library that could be triggered when the application rea...
Critical Exim Mailer Flaw Enables Remote Code Execution Attacks
A newly disclosed vulnerability in the widely used Exim mail transfer agent exposes thousands of internet-facing mail servers to unauthenticated remote code ...
Langflow CVE-2026-33017 Exploited to Steal AWS Keys, Deploy NATS Worker
Langflow instances left unpatched against CVE-2026-33017 are now being actively abused not just for remote code execution, but as launchpads to steal AWS key...
PoC Released for 18-Year-Old NGINX Flaw Allowing Remote Code Execution
A critical vulnerability in NGINX’s source code, hidden since 2008, has finally been exposed, and a working exploit is already in the wild. Security research...
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
Cybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open, including a critical flaw that remained undet...
[webapps] Apache HertzBeat 1.8.0 - Remote Code Execution
Apache HertzBeat 1.8.
Fortinet fixes two critical RCE flaws in FortiAuthenticator and FortiSandbox
Fortinet released a batch of patches across its products on Patch Tuesday, including two critical vulnerabilities that can lead to remote code execution. For...
New critical Exim mailer flaw allows remote code execution
A critical vulnerability affecting certain configurations of the Exim open-source mail transfer agent could be exploited by an unauthenticated remote attacke...
Microsoft’s new AI system finds 16 Windows flaws, including four critical RCEs
Microsoft has unveiled a new AI-driven vulnerability discovery system that identified 16 previously unknown Windows vulnerabilities, including four critical ...
Microsoft’s agentic AI system found four critical Windows RCE flaws
Microsoft responded to growing competition in AI security by announcing that its new agentic security system helped researchers discover 16 new vulnerabiliti...
Microsoft May 2026 Patch Tuesday: Many fixes, but no zero-days
Microsoft has marked May 2026 Patch Tuesday by releasing fixes for 120+ CVE-numbered vulnerabilities, none of which (for a change) are actively exploited or ...
ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax
View CSAF Summary ABB became aware of vulnerability in the products versions listed as affected in the advisory. An update is available that resolves publicl...