The Hacker News

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

Critical n8n flaw CVE-2025-68668 allows authenticated users to run system commands via workflows; affects versions 1.0.0 to ...

Popular Python libraries used in Hugging Face models subject to poisoned metadata attack

Vulnerabilities in popular AI and ML Python libraries used in Hugging Face models with tens of millions of downloads allow ...
GovInfoSecurity

Flaw in AI Libraries Exposes Models to Remote Code Execution

Researchers discovered remote code execution vulnerabilities in three AI libraries from Apple, Salesforce and Nvidia used by ...

Python libraries used in top AI and ML tools hacked - Nvidia, Salesforce and other libraries all at risk

Security researchers from Palo Alto Networks have discovered vulnerabilities used in some top Artificial Intelligence (AI) ...
Cybernews

When workflows go rogue: critical n8n vulnerability opens door to system commands

The flaw allows authenticated n8n users with workflow-creation or modification permissions to bypass the intended security ...
Dark Reading

Vulnerabilities Surge, But Messy Reporting Blurs Picture

MITRE loses its lead as the top reporter of vulnerabilities, while new organizations pump out CVEs and reported bugs in ...

Critical vulnerability in automation tool: n8n allows code smuggling

The popular tool for creating no-code workflows has four critical vulnerabilities, one with the highest score. Admins should ...

A critical n8n flaw has been discovered - here's how to stay safe

The vulnerability was fixed in n8n version 1.111.0, with the addition of a task-runner-based native Python implementation ...
TechRepublic

Three Quarters of Dependency Vulnerability Patches Lead to Breakages, Report Finds

Three Quarters of Dependency Vulnerability Patches Lead to Breakages, Report Finds Your email has been sent Minor updates break clients 94% of the time, while version ...