New.
Pillar Security: Zero Click Unauthenticated RCE in n8n: A Contact Form That Executes Shell Commands https://www.pillar.security/blog/zero-click-unauthenticated-rce-in-n8n-a-contact-form-that-executes-shell-commands
More:
The Hacker News: Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials https://thehackernews.com/2026/03/critical-n8n-flaws-allow-remote-code.html @thehackernews #infosec #vulnerability
🚨 CVE-2026-3826 (CRITICAL): WellChoose IFTOP PHP LFI lets unauthenticated attackers execute remote code. No patch yet. Isolate affected systems & monitor for LFI attempts. Act now to avoid full compromise! https://radar.offseq.com/threat/cve-2026-3826-cwe-98-improper-control-of-filename--e68c5a28 #OffSeq #Infosec #PHP #Vulnerability
Medium-severity advisory from AMD:
CVE-2025-0037: Versal Adaptive SoC – Overwriting Protected Memory Regions through PLM Firmware https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8010.html
A long list of advisories from Adobe: https://helpx.adobe.com/security/security-bulletin.html
Dell patches for multiple vulnerabilities:
Security Update for Dell Connectrix B-Series SANnav Vulnerabilities https://www.dell.com/support/kbdoc/en-us/000437875/dsa-2026-088-security-update-for-dell-connectrix-b-series-sannav-vulnerabilities
Security Update for Dell Connectrix B-Series FOS and SANnav Vulnerabilities https://www.dell.com/support/kbdoc/en-us/000437867/dsa-2026-087-security-update-for-dell-connectrix-b-series-fos-and-sannav-vulnerabilities
Security Update for Dell Avamar Data Store Gen5A Multiple Third-Party Component Vulnerabilities https://www.dell.com/support/kbdoc/en-us/000437829/dsa-2026-086-security-update-for-dell-avamar-data-store-gen5a-multiple-third-party-component-vulnerabilities #Dell
#infosec #vulnerability #AMD #Adobe
New.
"Within three weeks of going viral, the project had published over 200 GitHub Security Advisories, but only a portion have corresponding CVE identifiers."
Socket: OpenClaw Advisory Surge Highlights Gaps Between GHSA and CVE Tracking https://socket.dev/blog/openclaw-advisory-surge-highlights-gaps-between-ghsa-and-cve-tracking @SocketSecurity #infosec #OpenClaw #vulnerability
🛡️ CVE-2026-3715: HIGH-severity stack overflow in Wavlink WL-WN579X3-C routers (v231124). Remote attackers can execute code w/o auth. Exploit code is public — patch to 20260226 now! https://radar.offseq.com/threat/cve-2026-3715-stack-based-buffer-overflow-in-wavli-504a0f36 #OffSeq #Vulnerability #RouterSecurity #Infosec
🚨 CRITICAL CVE-2026-30861: Tencent WeKnora (0.2.5 – 0.2.9) OS command injection enables unauth RCE — full system compromise possible. Patch to 0.2.10 now! More info: https://radar.offseq.com/threat/cve-2026-30861-cwe-78-improper-neutralization-of-s-94bf2228 #OffSeq #RCE #Vulnerability #InfoSec