The Hacker News

n8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versions

CVE-2026-21877, a critical authenticated RCE flaw with CVSS 10.0, fixed in version 1.121.3 after affecting earlier releases.
heise online

Vulnerability assessment: Open source developer renews criticism of CVSS and CVE

Daniel Stenberg, inventor and main developer of the open source command line tool cURL, has once again criticized the CVE (Common Vulnerabilities and Exposures) ecosystem in a blog post. The focus of ...