Critical unauthenticated RCE in n8n (CVE-2026-21858, CVSS 10.0) allows full instance takeover
Complete Cloud Security in Minutes – Orca Security
2026-01-08 04:13:34
收藏
A critical vulnerability (CVE-2026-21858, CVSS score 10.0) was disclosed affecting the n8n workflow automation platform, allowing attackers to remotely execute code and fully take over vulnerable instances without any authentication. Due to the potential for complete compromise of automation infrastructure, data exposure, and downstream access to integrated systems, immediate patching is required. The issue originates […]
The post Critical unauthenticated RCE in n8n (CVE-2026-21858, CVSS 10.0) allows full instance takeover appeared first on Orca Security.
目录
最新
- HackerBot-Claw: An AI-Assisted Campaign Targeting GitHub Actions Pipelines
- Post-Exploitation at Scale: The Rise of AILM
- Top 5 Takeaways from the Webinar on Agentic AI and Cloud Native Protection
- Unlocking Kubernetes Security: Insights from Our Session at SANS Kubernetes & CNAPP Forum
- Four Critical SolarWinds Serv-U RCE Flaws Enable Root Access
- The Future of AppSec: AI, Context, and Action
- Breaking: Actively Exploited Chrome Zero-Day May Impact Enterprise, Developer, and Automation Environments
- Building Application Security from the Ground Up: An Organizational Approach