CRITICALVulnerability
Global

Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws

·Source: The Hacker News

Updated:

Executive Summary

Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code. Topping the list is a critical flaw impacting Ivanti Xtraction (CVE-2026-8043, CVSS score: 9.6) that could be exploited to achieve information disclosure or client-side attacks. "External control of a file name

Analysis

Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code. Topping the list is a critical flaw impacting Ivanti Xtraction (CVE-2026-8043, CVSS score: 9.6) that could be exploited to achieve information disclosure or client-side attacks. "External control of a file name

Indicators of Compromise (1)

CVE (1)
CVE-2026-8043
NVDMITRE CVE
Source Attribution

Originally published by The Hacker News on May 18, 2026.

Related Threats

MEDIUMVulnerabilityNEW

Interpol Launches Sweeping Cybercrime Crackdown in MENA Region

Over 200 people were arrested in an anti-cybercrime operation that spanned 13 countries across the Middle East and North Africa

Infosecurity Magazine
MEDIUMVulnerabilityNEW

Grafana says stolen GitHub token let hackers steal codebase

Grafana Labs disclosed that hackers have downloaded its source code after breaching its GitHub environment using a stolen access token. [...]

BleepingComputer
LOWVulnerabilityNEW

CMC Markets launches spread-betting account for retail clients

CMC Markets (“CMC”), a FTSE 250 company and global leader in multi-asset online trading and investing, has launched Spectre for retail clients, following strong demand after the product was initially introduced for professional traders.

Finextra