The Go development team has released Go versions 1.25.6 and 1.24.12, addressing six critical security vulnerabilities that could enable denial-of-service attacks, arbitrary code execution, and unauthorised session resumption. These minor point releases…

The Node.js project has released critical security updates addressing multiple vulnerabilities affecting all active release lines. On January 13, 2026, the Node.js team announced patches for versions 20.x, 22.x, 24.x, and 25.x, tackling three high-seve…

SAP released 17 new security notes on January 13, 2026, addressing vulnerabilities affecting widely deployed enterprise systems. The patch day includes four critical-severity flaws spanning SQL injection, remote code execution, and code injection attac…

A critical remote code execution vulnerability has left over 100,000 n8n workflow automation instances exposed to potential cyberattacks. The Shadowserver Foundation disclosed that 105,753 vulnerable instances were identified on January 9, 2026, repres…

Security researchers have discovered critical vulnerabilities in InputPlumber, a Linux input device utility used in SteamOS, that could allow attackers to inject keystrokes, leak sensitive information, and cause denial-of-service conditions. The flaws,…

Trend Micro has issued a critical security update for Apex Central to address multiple remotely exploitable vulnerabilities, including a bug that allows unauthenticated attackers to execute code with SYSTEM-level privileges.  Organizations running vuln…

Linux administrators are being urged to update promptly after disclosures of multiple vulnerabilities in GitLab, including flaws that could enable cross-site scripting, authorization bypass, and denial of service in selfmanaged instances…