CVSS – NuclearCoffee

Hacker news

Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog

On Mar 06, 2026 8:22 pm, by NuclearCoffee

Ravie LakshmananMar 06, 2026Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Hikvision and Rockwell Automation products to… Continue reading

Hacker news

Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability

On Feb 13, 2026 9:59 pm, by NuclearCoffee

Threat actors have started to exploit a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products, according to watchTowr. “Overnight we… Continue reading

Hacker news

SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score

On Jan 30, 2026 10:34 am, by NuclearCoffee

Ravie LakshmananJan 30, 2026Vulnerability / Email Security SmarterTools has addressed two more security flaws in SmarterMail email software, including one critical security flaw that could result in arbitrary… Continue reading

Hacker news

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

On Jan 09, 2026 11:07 am, by NuclearCoffee

Jan 09, 2026Ravie LakshmananVulnerability / Endpoint Security Trend Micro has released security updates to address multiple security vulnerabilities impacting on-premise versions of Apex Central for Windows, including a… Continue reading

Hacker news

Veeam Patches Critical RCE Vulnerability with CVSS 9.0 in Backup & Replication

On Jan 07, 2026 10:29 pm, by NuclearCoffee

Jan 07, 2026Ravie LakshmananVulnerability / Enterprise Security Veeam has released security updates to address multiple flaws in its Backup & Replication software, including a “critical” issue that could… Continue reading

Hacker news

Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control

On Jan 07, 2026 4:21 pm, by NuclearCoffee

Jan 07, 2026Ravie LakshmananVulnerability / Automation Cybersecurity researchers have disclosed details of yet another maximum-severity security flaw in n8n, a popular workflow automation platform, that allows an unauthenticated… Continue reading

Hacker news

n8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versions

On Jan 07, 2026 2:17 pm, by NuclearCoffee

Jan 07, 2026Ravie LakshmananVulnerability / Cloud Security Open-source workflow automation platform n8n has warned of a maximum-severity security flaw that, if successfully exploited, could result in authenticated remote… Continue reading

Hacker news

Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

On Jan 06, 2026 9:48 am, by NuclearCoffee

Jan 06, 2026Ravie LakshmananVulnerability / Web Security Users of the “@adonisjs/bodyparser” npm package are being advised to update to the latest version following the disclosure of a critical… Continue reading

Hacker news

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

On Jan 06, 2026 7:46 am, by NuclearCoffee

Jan 06, 2026Ravie LakshmananVulnerability / DevOps A new critical security vulnerability has been disclosed in n8n, an open-source workflow automation platform, that could enable an authenticated attacker to… Continue reading

Hacker news

Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances

On Dec 23, 2025 8:26 am, by NuclearCoffee

Dec 23, 2025Ravie LakshmananVulnerability / Workflow Automation A critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in arbitrary… Continue reading

Tag: CVSS

Stay Connected