Critical Vulnerabilities Exposed: Fortinet and n8n Under Fire
Critical Vulnerabilities Exposed: Fortinet and n8n Under Fire
On January 15, 2026, the cybersecurity landscape was shaken by the disclosure of critical vulnerabilities in two major platforms: Fortinet's FortiSIEM and n8n automation software. The first vulnerability, CVE-2025-64155, affects Fortinet FortiSIEM devices, allowing command injection that could lead to arbitrary command execution on affected systems. With exploit code now public, organizations are urged to upgrade their systems urgently to mitigate this risk.
Simultaneously, n8n's critical remote code execution vulnerability, CVE-2026-21858, poses a threat to over 100,000 servers worldwide, enabling unauthorized users to run arbitrary code remotely. As these vulnerabilities are actively exploited, the call for immediate updates is clear. These incidents underline the escalating complexity of cyber threats in 2026, necessitating robust defensive measures across sectors.
Also In Security Today
- Ongoing Attack Campaigns: Cybercriminals are launching aggressive attacks targeting vulnerabilities in Microsoft's systems and critical infrastructure, highlighting the importance of vigilance against third-party risks. SWK Technologies
- Fortinet Patch Status: Fortinet has acknowledged the vulnerability in FortiSIEM and is reportedly working on a patch. Users are advised to monitor their official channels for updates. Cyber Recaps
- n8n Response: The n8n team has confirmed the vulnerability and is advising users to apply updates as soon as possible to protect their installations. Cyber Recaps