About the Remote Code Execution Vulnerability - n8n (CVE-2025-68613)

About Remote Code Execution Vulnerability - n8n CVE-2025-68613. n8n is a workflow automation platform available under a fair-code license. Improper Control of Dynamically-Managed Code Resources CWE-913 in the n8n workflow expression evaluation system allows a remote authenticated attacker without...

CVE-2026-3476

A Code Injection vulnerability affecting in SOLIDWORKS Desktop from Release 2025 through Release 2026 could allow an attacker to execute arbitrary code on the user's machine while opening a specially crafted file...

CVE-2026-3476 Code Injection vulnerability affecting SOLIDWORKS Desktop from Release 2025 through Release 2026

A Code Injection vulnerability affecting SOLIDWORKS Desktop from Release 2025 through Release 2026 could allow an attacker to execute arbitrary code on the user's machine while opening a specially crafted file...

CVE-2026-3476 Code Injection vulnerability affecting SOLIDWORKS Desktop from Release 2025 through Release 2026

A Code Injection vulnerability affecting SOLIDWORKS Desktop from Release 2025 through Release 2026 could allow an attacker to execute arbitrary code on the user's machine while opening a specially crafted file...

CVE-2025-41432

CVE-2025-41432 is an out-of-bounds write vulnerability affecting OpenHarmony up to v5.1.0. The issue is present in arkcompiler_ets_runtime and allows a local attacker to execute arbitrary code within pre-installed apps. The impact is described as high for confidentiality, integrity, and availabil...

Delta Electronics COMMGR2 Stack Buffer Overflow Vulnerability

Delta Electronics COMMGR2 is an automation equipment communication management software from Delta Electronics China. Delta Electronics COMMGR2 suffers from a stack buffer overflow vulnerability that is caused by incorrect boundary checking. An attacker could exploit this vulnerability to execute...

CVE-2025-69784

A local, non-privileged attacker can abuse a vulnerable IOCTL interface exposed by the OpenEDR 2.5.1.0 kernel driver to modify the DLL injection path used by the product. By redirecting this path to a user-writable location, an attacker can cause OpenEDR to load an attacker-controlled DLL into...

MiracleLinux 8 : vim-8.0.1763-22.el8_10 (AXSA:2026-306:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-306:01 advisory. vim: Vim: Arbitrary code execution via 'helpfile' option processing CVE-2026-25749 Tenable has extracted the preceding description block directly from the...

PT-2026-25776

Fields is a GLPI plugin that allows users to add custom fields on GLPI items forms. Prior to version 1.23.3, it is possible to execute arbitrary PHP code from users that are allowed to create dropdowns. This issue has been patched in version 1.23.3...

KeePassXC OpenSSL Configuration Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of KeePassXC. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of...

PT-2026-25623

in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through using incompatible type. This vulnerability can be exploited only in restricted scenarios...

CVE-2025-69809

A write-what-where condition in p2r3 Bareiron commit 8e4d40 allows unauthenticated attackers to write arbitrary values to memory, enabling arbitrary code execution via a crafted packet...

PT-2026-25625

in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios...

PT-2026-25703

Name of the Vulnerable Software and Affected Versions SOLIDWORKS Desktop versions 2025 through 2026 Description A code injection issue exists in SOLIDWORKS Desktop. Successful exploitation while opening a specially crafted file could allow an attacker to execute arbitrary code on the user's...

CVE-2025-65734

An authenticated arbitrary file upload vulnerability in the Courses/Work Assignments module of gunet Open eClass v3.11, and fixed in v3.13, allows attackers to execute arbitrary code via uploading a crafted SVG file...

arduino-TuyaOpen 安全漏洞

Arduino-TuyaOpen is an IoT development framework based on Arduino, open-sourced by Tuya. Versions of Arduino-TuyaOpen prior to 1.2.1 contained security vulnerabilities. These vulnerabilities stemmed from a single-byte buffer overflow in the WiFiMulti component, which could allow for the execution...

Microsoft SharePoint Server Remote Code Execution Vulnerability (CNVD-2026-16162)

Microsoft SharePoint Server is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code...

EulerOS Virtualization 2.12.0 : edk2 (EulerOS-SA-2026-1528)

According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful...

Tp-Link AX53 v1.0 tmpServer opcode 0x429 stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2284 Tp-Link AX53 v1.0 tmpServer opcode 0x429 stack-based buffer overflow vulnerability March 16, 2026 CVE Number CVE-2025-62405 SUMMARY A stack-based buffer overflow vulnerability exists in the tmpServer SmartNetSetClientList functionality of Tp-Link AX53 v1...

Tp-Link AX53 v1.0 tmpServer opcode 0x643 stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2287 Tp-Link AX53 v1.0 tmpServer opcode 0x643 stack-based buffer overflow vulnerability March 16, 2026 CVE Number CVE-2025-62404 SUMMARY A stack-based buffer overflow vulnerability exists in the tmpServer opcode 0x643 functionality of Tp-Link AX53 v1.0 1.3.1...