The Hacker News

Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances

Critical n8n flaw CVE-2025-68613 (CVSS 9.9) lets authenticated users run arbitrary code; versions 0.211.0–1.120.4 affected, ...

HPE warns of maximum severity RCE flaw in OneView software

Hewlett Packard Enterprise (HPE) has patched a maximum-severity vulnerability in its HPE OneView software that enables ...

Barracuda RMM: Critical security vulnerabilities allow code injection

Critical security vulnerabilities exist in Barracuda's Service Center RMM, through which attackers can execute arbitrary code.
Bleeping Computer

GitLab warns of critical arbitrary branch pipeline execution flaw

GitLab has released security updates to address multiple flaws in Community Edition (CE) and Enterprise Edition (EE), including a critical arbitrary branch pipeline execution flaw. The vulnerability, ...
CSOonline

Researchers uncover RCE attack chains in popular enterprise credential vaults

Researchers have found 14 logic flaws in various components of HashiCorp Vault and CyberArk Conjur, two open-source credential management systems, allowing attacks that could bypass authentication ...
CSOonline

A pickle in Meta’s LLM code could allow RCE attacks

AI frameworks, including Meta’s Llama, are prone to automatic Python deserialization by pickle that could lead to remote code execution. Meta’s large language model (LLM) framework, Llama, suffers a ...