Researchers disclosed two n8n vulnerabilities that let authenticated users bypass JavaScript and Python sandboxes to run ...

OpenSSL updates released on Tuesday patch a dozen vulnerabilities, including a high-severity remote code execution flaw.

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.

SmarterMail administrators have an urgent security update to prioritize: a critical unauthenticated remote code execution (RCE) vulnerability with a CVSS ...

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

Microsoft has released its August 2025 Patch package, a cumulative set of updates addressing more than 100 vulnerabilities across a host of its products. Microsoft’s SharePoint Server Remote Code ...

Cisco has fixed a critical Unified Communications and Webex Calling remote code execution vulnerability, tracked as ...

Overview On January 14, NSFOCUS CERT detected that Microsoft released the January Security Update patch, which fixed 112 security issues involving widely used products such as Windows, Microsoft ...

WhatsApp users should update the application for vulnerability CVE-2025-30401, which Meta recently patched when WhatsApp was released for Windows version 2.2450.6. Meta cautions Windows users to ...

Remote code execution vulnerabilities pose especially critical threats to organizations, and VMware’s stronghold in data centers worldwide give patching these flaws particular urgency. VMware fixed ...

TL;DR: WinRAR has a critical security vulnerability (CVE-2025-6218) allowing remote code execution via directory traversal in Windows versions. This exploit risks sensitive data and system integrity.

Exploit code has been published for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM devices.Key takeaways:CVE-2025-64155 is a critical operating system (OS) ...