F5 reclassifies CVE-2025-53521 from DoS to critical RCE (CVSS 9.8) in March 2026. In-memory-only webshells deployed, attackers linked to China.
The Ni8mare vulnerability in n8n allows unauthenticated full server takeover. CVSS 10.0, 100,000 estimated vulnerable instances, 26,512 detected by Censys.
Critical flaw in GNU InetUtils telnet daemon allows unauthenticated remote root code execution. 3,362 hosts directly exposed on the Internet.
PolyShell, a critical vulnerability in Magento and Adobe Commerce, allows unauthenticated file upload and execution. 50+ IPs actively scanning.
Analysis of CVE-2026-21992, a critical Oracle Identity Manager vulnerability allowing unauthenticated remote code execution. Patch available.
Technical analysis of CVE-2026-33017, a critical Langflow vulnerability allowing unauthenticated remote code execution. Exploited within 20 hours of disclosure.