Top 5 this week

China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024

Cisco Patches ISE Security Vulnerability After Public PoC Exploit Release

Coolify Discloses 11 Critical Flaws Enabling Full Server Compromise on Self-Hosted Instances

Cybercriminals Abuse Google Cloud Email Feature in Multi-Stage Phishing Campaign

The ROI Problem in Attack Surface Management

How To Browse Faster and Get More Done Using Adapt Browser

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

ThreatsDay Bulletin: GhostAd Drain, macOS Attacks, Proxy Botnets, Cloud Exploits, and 12+ Stories

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

| CYBERSECURITY |

Admin User

January 6, 2026

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands — Image credit:
The Hacker News

N8n has been found to have a new critical security flaw. An authenticated attacker might be able to run arbitrary system commands on the underlying host. The vulnerability has a CVSS score of 9.9 and is tracked as CVE-2025-68668.

The flaw was found and reported by Vladimir Tokarev and Ofek Itach of Cyera Research Labs. It affects n8N versions 1.0.0 through, but not limited to, 2.0. It permits an authorized user to create or alter workflows in order to execute arbitrary operating system commands. The open-source workflow automation platform's versions 2.1.0 and 2.2.0 have fixed the problem.

The revelation coincides with n 8n fixing another serious flaw that, in some situations, could lead to arbitrary code execution.

In version 1.111.0, N8n claimed to have added a task runner-based native Python implementation as an optional feature for enhanced security isolation.

CYBER ATTACK CYBERSECURITY DATA BREACH VULNERABILITY