Two vulnerabilities in n8n’s sandbox mechanism could be exploited for remote code execution (RCE) on the host system.

A critical n8n flaw could allow attackers to use crafted expressions in workflows to execute arbitrary commands on the host.

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.

JFrog security researchers have exposed two critical vulnerabilities (CVE-2026-1470, rated 9.9; and CVE-2026-0863, rated 8.5) in the n8n workflow automation platform.

A researcher at Koi Security says the two key platforms have not plugged the vulnerabilities enabling the worm attacks, and ‘the JavaScript ecosystem deserves better.’ ...

Attackers are actively exploiting a critical vulnerability in React Native's Metro server to infiltrate development ...

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.

The JavaScript sandbox vm2 for Node.js was actually discontinued. Now an update closes a critical security vulnerability.

A new around of vulnerabilities in the popular AI automation platform could let attackers hijack servers and steal ...

The React team published a fix on Dec. 3 and advises anyone using the react-server-dom-webpack, react-server-dom-parcel, and react-server-dom-turbopack, to upgrade immediately. There has been a recent ...