The Hacker News

Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution

Researchers disclosed two n8n vulnerabilities that let authenticated users bypass JavaScript and Python sandboxes to run ...

This WebUI vulnerability allows remote code execution - here's how to stay safe

Popular AI interface was plagued by an 8/10 bug, but a fix is now available.
Bleeping Computer

Apache fixes critical OFBiz remote code execution vulnerability

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.
Bleeping Computer

Critical Sophos Firewall vulnerability allows remote code execution

Sophos has fixed a critical vulnerability in its Sophos Firewall product that allows remote code execution (RCE). Tracked as CVE-2022-1040, the authentication bypass vulnerability exists in the User ...
CSOonline

Some Brother printers have a remote code execution vulnerability, and they can’t fix it

An authentication bypass vulnerability in the printers, hardcoded at the factory, can be chained with another flaw for remote code execution on affected devices. Brother Industries is grappling with a ...
Dark Reading

Zero-Click Zoom Bug Allows Code Execution Just by Sending a Message

A vulnerability chain discovered in Zoom's chat functionality can be exploited to allow zero-click remote code execution (RCE), threat hunters have revealed. Google's Project Zero uncovered an attack ...