Executive Summary CVE-2026-21858 (Ni8mare) is a critical unauthenticated remote code execution vulnerability in n8n, a widely used workflow automation platform. The flaw is caused by content-type confusion in webhook request handling, allowing attackers to forge uploaded files, read arbitrary local files, forge administrator sessions, and ultimately execute commands on the underlying host. The vulnerability affects […]

Executive Summary CVE-2026-21877 is a critical remote code execution vulnerability in n8n that allows an authenticated user to execute arbitrary code on the underlying instance. The issue affects n8n versions >= 0.123.0 and < 1.121.3 and is fixed in 1.121.3 and later. In environments where n8n automates workflows with access to internal systems, credentials, and […]

Executive Summary CVE-2025-68664 is a critical serialization injection vulnerability in LangChain that affects how data is serialized using dumps() and dumpd(), and later reconstructed using load() and loads(). The issue stems from a failure to properly escape user-controlled dictionaries that contain the reserved lc key. Because this key is used internally by LangChain to represent […]

Executive Summary A critical unauthenticated vulnerability (CVE-2025-14847) has been identified in MongoDB Server, affecting how the database processes zlib-compressed network traffic. Under specific conditions, a remote attacker can trigger MongoDB to return uninitialized heap memory as part of a server response. Because this data originates from process memory, it may contain fragments of previously handled […]

Artificial intelligence is rapidly becoming embedded in core engineering workflows. Organizations are integrating LLMs into customer-facing applications, code generation pipelines, triage automation, and even parts of their CI/CD and cloud-management ecosystems. But the moment AI crossed into production, a new reality emerged: AI vulnerabilities behave fundamentally differently from traditional software vulnerabilities. They don’t follow the […]

A critical vulnerability (CVE-2025-66570, GHSA-xm2j-vfr9-mg9m) has been identified in cpp-httplib, a popular single-header C++ HTTP/HTTPS library used in many lightweight services, internal tools, and embedded applications. Prior to version 0.27.0, cpp-httplib incorrectly accepts and processes certain reserved header names directly from client requests, including: REMOTE_ADDR,REMOTE_PORT,LOCAL_ADDR,LOCAL_PORT. Because these values are parsed before httplib injects the server’s […]

On September 8, 2025, one of the largest npm supply chain incidents in recent history unfolded. Popular libraries like debug and chalk along with 16 other utilities were hijacked and pushed to npm with malicious code targeting cryptocurrency wallets and blockchain transactions. These packages collectively have billions of weekly downloads, making this compromise both widespread […]

A critical vulnerability was disclosed in Argo CD, a popular GitOps continuous delivery tool. This flaw allows project-level API tokens to retrieve sensitive repository credentials such as usernames and passwords, even when those tokens do not have explicit permissions to access secrets. Overview Argo CD uses project-level tokens to automate deployment workflows and manage applications.Due […]

On August 26, 2025, the popular Nx build system package was compromised in a sophisticated supply-chain attack. Malicious versions of Nx and related packages were published to npm, embedding malware that scanned developer environments for sensitive credentials and exfiltrated them. This attack stands out not only because of its impact with thousands of developers who […]

A critical vulnerability in sudo (Changelog v1.9.14–1.9.17) allows local users to gain root access via the –chroot (-R) option. This flaw carries a CVSS 3.1 score of 9.3 (Critical). Affected Versions Platform Coverage Why This Matters This flaw originates from a change introduced in sudo 1.9.14. Path resolution began occurring within the chroot environment before the […]