Unauthenticated – NuclearCoffee

Hacker news

Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover

On Mar 20, 2026 6:30 pm, by NuclearCoffee

Ravie LakshmananMar 20, 2026Web Security / Vulnerability Sansec is warning of a critical security flaw in Magento’s REST API that could allow unauthenticated attackers to upload arbitrary executables… Continue reading

Hacker news

9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors

On Mar 18, 2026 9:48 pm, by NuclearCoffee

Ravie LakshmananMar 18, 2026Network Security / Vulnerability Cybersecurity researchers have warned about the risks posed by low-cost IP KVM (Keyboard, Video, Mouse over Internet Protocol) devices, which can… Continue reading

Hacker news

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE

On Mar 18, 2026 1:41 pm, by NuclearCoffee

Ravie LakshmananMar 18, 2026Vulnerability / Data Protection Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited by an… Continue reading

Hacker news

Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution

On Feb 18, 2026 8:02 pm, by NuclearCoffee

Ravie LakshmananFeb 18, 2026Network Security / Enterprise Security Cybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 series of VoIP phones that could allow an… Continue reading

Hacker news

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

On Feb 10, 2026 6:24 am, by NuclearCoffee

Ravie LakshmananFeb 10, 2026Vulnerability / Network Security Fortinet has released security updates to address a critical flaw impacting FortiClientEMS that could lead to the execution of arbitrary code… Continue reading

Hacker news

SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score

On Jan 30, 2026 10:34 am, by NuclearCoffee

Ravie LakshmananJan 30, 2026Vulnerability / Email Security SmarterTools has addressed two more security flaws in SmarterMail email software, including one critical security flaw that could result in arbitrary… Continue reading

Hacker news

SolarWinds Fixes Four Critical Web Help Desk Flaws With Unauthenticated RCE and Auth Bypass

On Jan 29, 2026 10:16 am, by NuclearCoffee

Ravie LakshmananJan 29, 2026Vulnerability / Software Security SolarWinds has released security updates to address multiple security vulnerabilities impacting SolarWinds Web Help Desk, including four critical vulnerabilities that could… Continue reading

Hacker news

Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution

On Jan 14, 2026 12:45 pm, by NuclearCoffee

Jan 14, 2026Ravie LakshmananVulnerability / Patch Management Fortinet has released updates to fix a critical security flaw impacting FortiSIEM that could allow an unauthenticated attacker to achieve code… Continue reading

Hacker news

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

On Jan 13, 2026 10:29 pm, by NuclearCoffee

Jan 13, 2026Ravie LakshmananVulnerability / SaaS Security ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow artificial intelligence (AI) Platform that could enable an… Continue reading

Hacker news

Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control

On Jan 07, 2026 4:21 pm, by NuclearCoffee

Jan 07, 2026Ravie LakshmananVulnerability / Automation Cybersecurity researchers have disclosed details of yet another maximum-severity security flaw in n8n, a popular workflow automation platform, that allows an unauthenticated… Continue reading

Tag: Unauthenticated

Stay Connected