Two critical n8n flaws (CVSS 9.4, 9.5) enable RCE via expression sandbox escape and public forms, risking credential exposure ...

SAP patches two critical flaws (CVSS 9.8, 9.1) affecting FS-QUO and NetWeaver, preventing remote code execution risks in enterprise systems.

Security researchers at JFrog worked with biotechnology company 23andMe to address a vulnerability with Yamale, a tool written by the company and used by over 200 repositories. The smartest companies ...

In March, SAP addresses partly critical security vulnerabilities in various products in 15 advisories. Admins must act.

A heavily downloaded Node.js library has a high severity command injection vulnerability revealed this month. Tracked as CVE-2021-21315, the bug impacts the "systeminformation" npm component which ...

Developers of the widely used WordPress content management system released an update last week, but intentionally delayed announcing that the patch addressed a severe vulnerability. WordPress version ...

Security researchers disclose critical vulnerabilities in Anthropic’s Claude Code that allow remote code execution and credential theft.

SAP released 15 new security notes on its March 2026 Security Patch Day, including two that resolve critical vulnerabilities ...

A pair of security vulnerabilities discovered in the GitHub environments of two very popular open source projects from Apache and Google could be used to stealthily modify project source code, steal ...

Google has patched a high-severity zero-day bug in its Chrome Web browser that attackers are actively exploiting. It paves the way for code execution and other cyberattacks on targeted endpoints. The ...

CISA has added a pair of security holes to its actively exploited list, warning that attackers are now abusing a maximum-severity bug in HPE's OneView management software and a years-old flaw in ...

In the automation tool n8n, eleven security vulnerabilities have been discovered. Three of these are considered critical risks. Admins should update quickly.