Abstract: Modern JavaScript engines employ multi-tier JIT compilation for high performance, but these aggressive optimizations often introduce subtle and hard-to-detect security vulnerabilities.

On February 5, 2026, security researchers disclosed a severe vulnerability in the popular n8n workflow automation platform that allows authenticated attackers to run arbitrary commands on the host ...

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. A new vulnerability database has launched in the EU, in a bid to reduce dependence on the ...

The decentralized approach makes it possible to assign and publish vulnerability identifiers autonomously without having to wait for central approval. A total of more than 25 different data sources ...

A serious security vulnerability has been discovered in the default web browser of the Android OS lower than 4.4 running on a large number of Android devices that allows an attacker to bypass the Same ...

A critical-severity vulnerability in the n8n workflow automation platform allows attackers to take over vulnerable instances, data security firm Cyera warns. N8n has over 100 million Docker pulls, ...

A critical-severity vulnerability recently patched in the jsPDF library could allow attackers to read sensitive information, including configuration files and credentials, Endor Labs warns. A popular ...

A new report out today from data security company Cyera Ltd. is warning that a recently discovered critical security vulnerability in workflow automation platform n8n is putting thousands of ...

Cybersecurity researchers have disclosed details of yet another maximum-severity security flaw in n8n, a popular workflow automation platform, that allows an unauthenticated remote attacker to gain ...

The React team published a fix on Dec. 3 and advises anyone using the react-server-dom-webpack, react-server-dom-parcel, and react-server-dom-turbopack, to upgrade immediately. There has been a recent ...

Abstract: Just-In-Time(JIT) compilers embedded in JavaScript engines significantly boost runtime performance but also introduce difficult-to-detect vulnerabilities. Fuzz testing has proven effective ...

A critical, unauthenticated remote code execution vulnerability known as React2Shell has been added to the Cybersecurity and Infrastructure Security Agency’s Known Exploited Vulnerabilities Catalog.