SecurityWeek

Critical N8n Vulnerabilities Allowed Server Takeover

Two critical-severity n8n vulnerabilities could have led to unauthenticated remote code execution, sandbox escape, and credential theft.
SecurityWeek

SAP Patches Critical FS-QUO, NetWeaver Vulnerabilities

SAP released 15 new security notes on its March 2026 Security Patch Day, including two that resolve critical vulnerabilities ...
ZDNet

Patch released for Fortinet command injection vulnerability

Update: In a statement to ZDNet, Fortinet criticized Rapid7 for releasing the study and said a patch would be released by the end of the month. "The security of our customers is always our first ...
Infosecurity-magazine.com

Prompt Injection Bugs Found in Official Anthropic Git MCP Server

Three security vulnerabilities in the official Git server for Anthropic's Model Context Protocol (MCP), mcp-server-git, have been identified by cybersecurity researchers. The flaws can be exploited ...
Security Boulevard

When Proxies Become Attack Vectors Through Header Injection

This assumption breaks down because HTTP RFC flexibility allows different servers to interpret the same header field in fundamentally different ways, creating exploitable gaps that attackers are ...
Dark Reading

Cacti Monitoring Tool Spiked by Critical SQL Injection Vulnerability

A critical vulnerability in the Cacti Web-based open source framework for monitoring network performance gives attackers a way to disclose Cacti's entire database contents — presenting a prickly risk ...