<p>More than 48,000 Common Vulnerabilities and Exposures were tracked in the CVE database in 2025, up approximately 20% from 2024 and 66% from 2023. If these trends continue, the number of CVEs in 2026 could reach anywhere from 57,600 to 79,680.</p>
<p>According to research from penetration testing services provider DeepStrike, attackers in 2025 exploited 28% of vulnerabilities within one day of their CVE disclosure. For context, it took an average of 30 days in 2020.</p>
<p>Granted, not all CVEs are high severity, and not all will be exploitable — or <a href=”https://www.techtarget.com/searchsecurity/tip/5-enterprise-patch-management-best-practices”>require patching</a> — in every organization. It is still important for security and IT teams to stay abreast of new vulnerabilities — especially critical ones — including those highlighted in this week’s featured news.</p>
<section class=”section main-article-chapter” data-menu-title=”More critical vulnerabilities in n8n workflow automation platform exposed”>
<h2 class=”section-title”><i class=”icon” data-icon=”1″></i>More critical vulnerabilities in n8n workflow automation platform exposed</h2>
<p>Researchers at JFrog have identified two critical vulnerabilities in n8n, a <a href=”https://www.techtarget.com/searchapparchitecture/opinion/Low-code-tool-n8n-bridges-gap-between-AI-models-and-business”>popular low-code workflow automation platform</a> used to integrate large language models into business processes. The news comes on the heels of a separate critical vulnerability that <a target=”_blank” href=”https://www.cybersecuritydive.com/news/critical-vulnerability-n8n-automation-platform/809360/” rel=”noopener”>Cyera researchers found in late 2025</a>.</p>
<p>The flaws, CVE-2026-1470 (severity 9.9) and CVE-2026-0863 (severity 8.5), enable attackers to bypass security controls, execute arbitrary code and gain full control over n8n services, and access credentials, API keys and other sensitive data.</p>
<p>These vulnerabilities affect both cloud and unpatched self-hosted deployments. Organizations are urged to update to patched versions and implement strong security measures.</p>
<p><a target=”_blank” href=”https://www.darkreading.com/vulnerabilities-threats/critical-flaws-n8n-compromise-customer-security” rel=”noopener”><i>Read the full arti
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: