The Hacker News

CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog

CISA adds an actively exploited SolarWinds Web Help Desk RCE flaw to KEV, ordering federal agencies to patch by February 2026 ...
The Hacker News

Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

Critical n8n v CVE-2026-25049 allows authenticated workflow abuse to execute system commands and expose server data.
SecurityWeek

Fresh SolarWinds Vulnerability Exploited in Attacks

CISA warns that a fresh critical-severity SolarWinds vulnerability leading to unauthenticated RCE has been exploited in attacks.
Infosecurity Magazine

SolarWinds Web Help Desk Vulnerability Actively Exploited

A US security agency has warned SolarWinds Web Help Desk users that a remote code execution (RCE) vulnerability patched by ...

Update Synology ASAP – CVE-2026-24061 : Fix Synology Telnet & Install the DSM Updates

Patch Synology NAS now, a 9.8 flaw allows root by one command, and DSM 7.3.2 Update 1 blocks it for safer access.
Dark Reading

Europe's GCVE Raises Concerns Over Fragmentation in Vulnerability Databases

GCVE would enhance global collaboration, flexibility, and efficiency in tracking vulnerabilities. Duplicate entries and ...
Bleeping Computer

Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws

Today is Microsoft's October 2025 Patch Tuesday, which includes security updates for 172 flaws, including six zero-day vulnerabilities. This Patch Tuesday also addresses eight "Critical" ...