The Hacker News

Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances

Critical n8n flaw CVE-2025-68613 (CVSS 9.9) lets authenticated users run arbitrary code; versions 0.211.0–1.120.4 affected, ...

Google explains JavaScript execution on non-200 HTTP status codes

Google noted that if the HTTP status code is non-200 (for example, on error pages with 404 status code), rendering might be skipped.
CSOonline

Gladinet servers file-sharing servers allow remote code execution

Enterprises relying on Gladinet’s file-sharing services are faced with another round of zero-day patching, this time to block attackers from abusing cryptographic keys directly baked into its ...
The Hacker News

HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution

HPE patched a critical OneView vulnerability with CVSS 10.0 that could allow unauthenticated remote code execution in ...