Greater than 48,000 Frequent Vulnerabilities and Exposures had been tracked within the CVE database in 2025, up roughly 20% from 2024 and 66% from 2023. If these developments proceed, the variety of CVEs in 2026 may attain wherever from 57,600 to 79,680.
In line with analysis from penetration testing companies supplier DeepStrike, attackers in 2025 exploited 28% of vulnerabilities inside in the future of their CVE disclosure. For context, it took a mean of 30 days in 2020.
Granted, not all CVEs are excessive severity, and never all will probably be exploitable — or require patching — in each group. It’s nonetheless vital for safety and IT groups to remain abreast of recent vulnerabilities — particularly important ones — together with these highlighted on this week’s featured information.
Extra important vulnerabilities in n8n workflow automation platform uncovered
Researchers at JFrog have recognized two important vulnerabilities in n8n, a in style low-code workflow automation platform used to combine giant language fashions into enterprise processes. The information comes on the heels of a separate important vulnerability that Cyera researchers present in late 2025.
The issues, CVE-2026-1470 (severity 9.9) and CVE-2026-0863 (severity 8.5), allow attackers to bypass safety controls, execute arbitrary code and achieve full management over n8n companies, and entry credentials, API keys and different delicate knowledge.
These vulnerabilities have an effect on each cloud and unpatched self-hosted deployments. Organizations are urged to replace to patched variations and implement robust safety measures.
Essential Fortinet FortiCloud single sign-on vulnerability exploited
Federal authorities and researchers are warning about CVE-2026-24858, a important vulnerability in Fortinet FortiCloud SSO that allows attackers with registered units and accounts to entry different customers’ units.
Exploitation entails malicious actions, reminiscent of altering firewall configurations, creating unauthorized accounts and enabling VPN entry for persistence.
Earlier patches for associated flaws — CVE-2025-59718 and CVE-2025-59719 — don’t shield towards the present vulnerability.
Fortinet disabled FortiCloud SSO quickly and suggested customers to improve to safe variations. Arctic Wolf researchers noticed automated assaults involving speedy configuration modifications and knowledge exfiltration. Shadowserver reported 10,000 weak cases, emphasizing the urgency for customers to patch and safe affected techniques.
Learn the total article by David Jones on Cybersecurity Dive.
WinRAR vulnerability exploited by risk actors
Risk actors, together with state-sponsored teams, are actively exploiting CVE-2025-8088, a high-severity path traversal vulnerability in file-archiving software program WinRAR, regardless of a patch launched in July 2025.
The flaw permits attackers to execute arbitrary code through malicious archive recordsdata, posing important dangers to SMBs and professionals dealing with compressed recordsdata.
WinRAR’s widespread use and lack of normal updates make it a pretty goal for attackers. Exploitation entails hiding malicious payloads in Alternate Knowledge Streams inside archives, enabling persistence on techniques. Google and safety specialists have urged customers to replace WinRAR instantly to mitigate dangers and cut back publicity to ongoing focused assaults.
Learn the total article by Alexander Culafi on Darkish Studying.
Essential Telnet vulnerability exploited by risk actors
A important authentication bypass flaw within the GNU InetUtils telnetd server, tracked as CVE-2026-24061, has resurfaced as a serious risk, affecting a whole bunch of hundreds of telnet servers globally. Regardless of being addressed in model 2.8 of InetUtils, the flaw, launched in 2015, stays simple to take advantage of, granting attackers full system management.
Telnet, an outdated and insecure protocol, continues to be broadly utilized in legacy techniques and IoT units, with an estimated 800,000 cases uncovered worldwide. Consultants warned of delayed patch rollouts and advisable disabling telnet servers, proscribing entry and segmenting high-risk units to mitigate dangers.
Microsoft patches actively exploited Workplace zero-day vulnerability
Microsoft has launched an emergency patch for CVE-2026-21509, a zero-day vulnerability in Microsoft Workplace and Microsoft 365 that attackers are actively exploiting. Rated CVSS 7.8, the flaw permits attackers to bypass safety controls and execute arbitrary code, doubtlessly compromising system confidentiality, integrity and availability.
Exploitation requires consumer interplay, reminiscent of opening a malicious Workplace file. CISA has mandated federal businesses to patch the vulnerability by February 16. Whereas Workplace 2021 customers are protected, Workplace 2016 and 2019 customers should set up updates. Consultants warned that the flaw is probably going being utilized in superior, focused assaults, and emphasised the significance of quick patching.
Learn the total article by Jai Vijayan on Darkish Studying.
Editor’s word: An editor used AI instruments to help within the technology of this information temporary. Our professional editors at all times evaluate and edit content material earlier than publishing.
Sharon Shea is govt editor of TechTarget Safety.
