remote code execution | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers have disclosed details of multiple critical-severity security flaws affecting Coolify , an open-source, self-hosting platform, that could result in authentication bypass and remote code execution. The list of vulnerabilities is as follows - CVE-2025-66209 (CVSS score: 10.0) - A command injection vulnerability in the database backup functionality allows any authenticated user with database backup permissions to execute arbitrary commands on the host server, resulting in container escape and full server compromise CVE-2025-66210 (CVSS score: 10.0) - An authenticated command injection vulnerability in the database import functionality allows attackers to execute arbitrary commands on managed servers, leading to full infrastructure compromise CVE-2025-66211 (CVSS score: 10.0) - A command injection vulnerability in the PostgreSQL init script management allows authenticated users with database permissions to execute arbitrary commands as root on the server ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting Microsoft Office and Hewlett Packard Enterprise (HPE) OneView to its Known Exploited Vulnerabilities ( KEV ) catalog, citing evidence of active exploitation. The vulnerabilities are listed below - CVE-2009-0556 (CVSS score: 8.8) - A code injection vulnerability in Microsoft Office PowerPoint that allows remote attackers to execute arbitrary code by means of memory corruption CVE-2025-37164 (CVSS score: 10.0) - A code injection vulnerability in HPW OneView that allows a remote unauthenticated user to perform remote code execution Details of CVE-2025-37164 emerged last month when HPE said the vulnerability impacts all versions of the software prior to version 11.00. The company also made available hotfixes for OneView versions 5.20 through 10. The scope and source of the attacks targeting the two flaws is presently unclear, and there appear to be no public repor...

Cybersecurity researchers have disclosed details of yet another maximum-severity security flaw in n8n , a popular workflow automation platform, that allows an unauthenticated remote attacker to gain complete control over susceptible instances. The vulnerability, tracked as CVE-2026-21858 (CVSS score: 10.0), has been codenamed Ni8mare by Cyera Research Labs. Security researcher Dor Attias has been acknowledged for discovering and reporting the flaw on November 9, 2025. "A vulnerability in n8n allows an attacker to access files on the underlying server through execution of certain form-based workflows," n8n said in an advisory published today. "A vulnerable workflow could grant access to an unauthenticated remote attacker. This could result in exposure of sensitive information stored on the system and may enable further compromise depending on deployment configuration and workflow usage." With the latest development, n8n has disclosed four critical vulnerabili...

Open-source workflow automation platform n8n has warned of a maximum-severity security flaw that, if successfully exploited, could result in authenticated remote code execution (RCE). The vulnerability, which has been assigned the CVE identifier CVE-2026-21877 , is rated 10.0 on the CVSS scoring system. "Under certain conditions, an authenticated user may be able to cause untrusted code to be executed by the n8n service," n8n said in an advisory released Tuesday. "This could result in full compromise of the affected instance." The maintainers said both self-hosted deployments and n8n Cloud instances are impacted. The issue impacts the following versions - >= 0.123.0 < 1.121.3 It has been addressed in version 1.121.3, which was released in November 2025. Security researcher Théo Lelasseux (@ theolelasseux ) has been credited with discovering and reporting the flaw. Users are advised to upgrade to this version or later to completely address the vuln...

Veeam has released security updates to address multiple flaws in its Backup & Replication software, including a "critical" issue that could result in remote code execution (RCE). The vulnerability, tracked as CVE-2025-59470, carries a CVSS score of 9.0. "This vulnerability allows a Backup or Tape Operator to perform remote code execution (RCE) as the postgres user by sending a malicious interval or order parameter," it said in a Tuesday bulletin. According to Veeam's documentation, a user with a Backup Operator role can start and stop existing jobs; export backups; copy backups; and create VeeamZip backups. A Tape Operator user, on the other hand, can run tape backup jobs or tape catalog jobs; eject tapes; import and export tapes; move tapes to a media pool; copy or erase tapes; and set a tape password. In other words, these roles are considered highly privileged, and organizations should already be taking adequate protections to prevent them from bei...