New Vulnerability in n8n

Published: 1 day ago (January 15, 2026 at 07:05 AM EST)

1 min read

Source: Schneier on Security

Overview

This isn’t good: We discovered a critical vulnerability (CVE-2026-21858, CVSS 10.0) in n8n that enables attackers to take over locally deployed instances.

Impact

The vulnerability affects an estimated 100,000 servers globally.

Mitigation

No official workarounds are available for this vulnerability. Users should upgrade to version 1…

Back to Blog

Exploit code public for critical FortiSIEM command injection flaw

Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security Information and Event Management SIEM solu...

Microsoft updates Windows DLL that triggered security alerts

Microsoft has resolved a known issue that was causing security applications to incorrectly flag a core Windows component, the company said in a service alert po...

Ruby Array Pack Bleed

Article URL: https://nastystereo.com/security/ruby-pack.html Comments URL: https://news.ycombinator.com/item?id=46520566 Points: 17 Comments: 0...

The Kimwolf Botnet is Stalking Your Local Network

The story you are reading is a series of scoops nestled inside a far more urgent Internet-wide security advisory. The vulnerability at issue has been exploited...