The Hacker News

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Two critical n8n flaws (CVSS 9.4, 9.5) enable RCE via expression sandbox escape and public forms, risking credential exposure ...
InfoWorld

19 large language models redefining AI safety—and danger

Whether you are looking for an LLM with more safety guardrails or one completely without them, someone has probably built it.
至顶头条 on MSN

关键n8n漏洞允许远程代码执行和存储凭据泄露

网络安全研究人员披露了n8n工作流自动化平台的两个已修补安全漏洞,包括可能导致任意命令执行的严重漏洞。CVE-2026-27577允许通过表达式沙箱逃逸实现远程代码执行,CVE-2026-27493可通过表单节点进行未授权表达式评估。攻击者可利用这些漏洞读取加密密钥并解密数据库中存储的所有凭据。受影响版本已在2.10.1、2.9.3和1.123.22版本中修复。