VulnHub

ServiceNow has reported a serious security vulnerability in its AI Platform that could allow an unauthenticated user to impersonate another user and take actions on their behalf. This flaw, identified as CVE-2025-12420, has a high severity rating of 9.3 out of 10, indicating a significant risk to users. The potential for impersonation means that attackers could exploit this weakness to gain unauthorized access to sensitive information or perform harmful actions. Organizations using ServiceNow's AI Platform should prioritize applying the patch to mitigate this risk and protect their users. The quick response from ServiceNow in addressing this vulnerability is crucial to maintaining trust in their services.

Trend Micro has addressed three vulnerabilities in its Apex Central management console that could potentially allow attackers to execute remote code or launch denial-of-service attacks. These flaws, identified as CVE-2025-69258, CVE-2025-69259, and CVE-2025-69260, were discovered by security researchers from Tenable in August 2025. The vulnerabilities were made public after Tenable released proof-of-concept code, which could enable malicious actors to exploit the weaknesses. Organizations using Apex Central should apply the patches provided by Trend Micro to prevent potential attacks. It is crucial for users to ensure their systems are updated to mitigate any risks associated with these vulnerabilities.

Cisco has released updates to address a medium-severity vulnerability in its Identity Services Engine (ISE) and ISE Passive Identity Connector, identified as CVE-2026-20029. This flaw was brought to light following the publication of a proof-of-concept exploit, raising concerns about its potential exploitation. Organizations using these Cisco products are at risk, as the vulnerability could allow unauthorized access or manipulation of identity services. It’s crucial for affected users to apply the updates promptly to safeguard their networks and data from possible attacks. The quick response from Cisco highlights the ongoing need for vigilance in cybersecurity practices.

Researchers have identified 11 critical security vulnerabilities in Coolify, an open-source platform for self-hosting applications. These flaws could allow attackers to bypass authentication and execute arbitrary code on affected servers. Notably, one of the vulnerabilities, CVE-2025-66209, has a maximum severity score of 10.0, indicating the potential for severe exploitation if left unaddressed. Users of Coolify need to take immediate action to secure their installations, as these vulnerabilities could lead to full server compromise. This incident underscores the importance of regularly updating and monitoring open-source software to mitigate risks.

A serious vulnerability in n8n, known as Ni8mare (CVE-2026-21858), has been identified, allowing attackers to gain full control over affected instances without any authentication. This flaw has a maximum severity score of 10.0, indicating a high level of risk for users. Researchers from Cyera discovered this vulnerability, raising concerns about the security of workflow automation processes that many organizations rely on. If exploited, this could lead to unauthorized access, data breaches, and significant operational disruptions. Users and companies utilizing n8n should take immediate steps to secure their systems to prevent potential exploitation.

Researchers have identified a severe vulnerability in n8n, a widely-used workflow automation platform, allowing unauthenticated attackers to take full control of affected instances. This flaw, tracked as CVE-2026-21858 and given a maximum CVSS score of 10.0, has been named Ni8mare by Cyera Research Labs. The issue poses a significant risk as it could enable attackers to manipulate workflows and access sensitive data without any authentication. Users of n8n need to take this threat seriously, as the implications of such a breach could be extensive, impacting data integrity and privacy. Immediate action is recommended to safeguard systems until a patch is made available.

Veeam has addressed a serious remote code execution (RCE) vulnerability in its Backup & Replication software, identified as CVE-2025-59470, which has a high severity score of 9.0 on the CVSS scale. This flaw allows Backup or Tape Operators to execute arbitrary code remotely as the postgres user, potentially leading to significant security breaches. Alongside this critical issue, Veeam also patched several other vulnerabilities in the same software suite. Users of Veeam Backup & Replication should prioritize applying these patches to safeguard their systems from potential exploitation. The swift response by Veeam reflects the importance of maintaining updated software to prevent unauthorized access and data breaches.

The open-source workflow automation platform n8n has alerted users to a serious security vulnerability, identified as CVE-2026-21877, which carries a CVSS score of 10.0. This flaw could allow authenticated users to execute untrusted code remotely, posing a significant risk to both self-hosted and cloud versions of the software. Users and organizations utilizing n8n need to be aware of this vulnerability as it could lead to unauthorized access and potential data breaches. The company recommends that affected users take immediate action to secure their systems. As of now, the specific details regarding patches or updates have not been disclosed, but users should monitor official channels for further instructions.

CERT/CC has issued a warning about a serious vulnerability in the TOTOLINK EX200 Wi-Fi range extender, identified as CVE-2025-65606. This flaw allows a remote authenticated attacker to take complete control of the device, posing a significant risk to users. As this vulnerability remains unpatched, anyone using the TOTOLINK EX200 is advised to take immediate action to secure their networks. The potential for exploitation means that attackers could manipulate settings, access sensitive data, or use the device as a foothold into larger networks. Users need to be aware of this threat and consider alternative security measures while awaiting a fix.

A serious vulnerability in Dolby's software for Android devices has been identified, tracked as CVE-2025-54957. Discovered by Google researchers in October 2025, this flaw could potentially allow attackers to exploit the Dolby audio processing capabilities on affected devices. Users of Android devices utilizing Dolby technology should be particularly cautious, as the vulnerability poses risks to their audio functionality and overall device security. Immediate action is recommended to ensure that devices are updated to the latest software versions that include the necessary patches to fix this issue. This discovery emphasizes the need for regular updates and vigilance among users and security teams alike.

A serious vulnerability has been found in n8n, an open-source workflow automation platform, which could allow authenticated users to run arbitrary system commands on the server. This vulnerability, identified as CVE-2025-68668, has a high severity score of 9.9 according to the CVSS system, indicating a significant risk. It stems from a failure in the protection mechanisms that should keep the system secure. Users of n8n should be particularly concerned as this issue could lead to unauthorized control over their systems. The affected versions include all versions prior to the patch that addresses this vulnerability, making it crucial for users to update their installations promptly to prevent potential exploitation.