A flaw in the n8n platform allowed any authenticated user to fully compromise the underlying server, exposing credentials, secrets, and AI-driven workflows across enterprise environments. The vulnerability carries a CVSS score of 10.0 and allows attackers to break out of n8n’s JavaScript sandbox to execute arbitrary commands, effectively transforming routine workflow logic into complete control…
Tag: authenticated
AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, News, Risk Management, Threats
Ingress-Nginx Vulnerability Enables Code Execution in Kubernetes
A recently disclosed vulnerability in ingress-nginx may allow authenticated attackers to execute code and access Kubernetes Secrets in affected clusters. The vulnerability could “… lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller,” said Kubernetes researchers. Inside the Ingress-Nginx Security Vulnerability Ingress controllers sit…