Cisco Identity Services Engine XML External Entity Processing Information Disclosure Vulnerability (CVE-2026-20029) Cisco released a security advisory to address a medium-severity vulnerability impacting Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC. Tracked as CVE-2026-20029,... 09/01/2026 Qualys-Threat-Protect
N8n Warns of Remote Code Execution Vulnerability (CVE-2026-21877) N8n is vulnerable to a maximum severity flaw that could allow an authenticated attacker to execute arbitrary code with the... 09/01/2026 Qualys-Threat-Protect
N8n Critical Arbitrary Command Execution Vulnerability (CVE-2025-68668) A new vulnerability has been discovered in n8n, an open-source workflow automation tool. Tracked as CVE-2025-68668, the vulnerability has a critical severity rating with a CVSS score of 9.9. Successful exploitation of the... 06/01/2026 Qualys-Threat-Protect
ZDI-25-1202: (0Day) Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu VectorStar. User interaction is required to... 31/12/2025 Zero-Day Initiative
ZDI-25-1201: (0Day) Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu VectorStar. User interaction is required to... 31/12/2025 Zero-Day Initiative
ZDI-25-1200: (0Day) Anritsu ShockLine SCPI Race Condition Remote Code Execution Vulnerability This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Anritsu ShockLine. Authentication is not required to... 31/12/2025 Zero-Day Initiative
ZDI-25-1199: (0Day) Anritsu ShockLine CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu ShockLine. User interaction is required to... 31/12/2025 Zero-Day Initiative
ZDI-25-1198: Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to... 31/12/2025 Zero-Day Initiative
ZDI-25-1197: Framelink Figma MCP Server fetchWithRetry Command Injection Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Framelink Figma MCP Server. Authentication is not... 31/12/2025 Zero-Day Initiative
ZDI-25-1196: GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit... 31/12/2025 Zero-Day Initiative
