Research Archives | Orca Security

Notepad++ Update Mechanism Hijacked by State-Sponsored Actors for Six Months

‘Orca Watch’ Series

Notepad++ Update Mechanism Hijacked by State-Sponsored Actors for Six Months

Introduction State-sponsored attackers compromised Notepad++'s hosting infrastructure from June through December 2025, hijacking the application's update mechanism to deliver malicious...

Igor Stepansky

Feb 02, 2026

Critical n8n Sandbox Escape Enables Remote Code Execution

‘Orca Watch’ Series

Critical n8n Sandbox Escape Enables Remote Code Execution

A critical vulnerability (CVE-2026-1470, CVSS 9.9) was disclosed on January 27, 2026 affecting n8n, the popular open-source workflow automation platform....

Igor Stepansky

Jan 29, 2026

CVE-2025-15467: Critical OpenSSL Flaw Enables Pre-Auth Remote Code Execution

‘Orca Watch’ Series

CVE-2025-15467: Critical OpenSSL Flaw Enables Pre-Auth Remote Code Execution

A critical vulnerability (CVE-2025-15467, CVSS 9.8) dropped on January 27, 2026. It affects OpenSSL 3.0, 3.3, 3.4, 3.5, and 3.6...

Igor Stepansky

Jan 29, 2026

Microsoft Office Zero-Day Actively Exploited – Emergency Patches Released

‘Orca Watch’ Series

Microsoft Office Zero-Day Actively Exploited – Emergency Patches Released

Quick Overview CVE-ID: CVE-2026-21509 CVSS Score: 7.8 (High) Affected Products: Microsoft Office 2016, 2019, LTSC 2021, LTSC 2024, Microsoft 365...

Igor Stepansky

Jan 28, 2026

GNU InetUtils telnetd Authentication Bypass Grants Instant Root Access

‘Orca Watch’ Series

GNU InetUtils telnetd Authentication Bypass Grants Instant Root Access

A critical vulnerability (CVE-2026-24061, CVSS 9.8) was disclosed on January 20, 2026 affecting GNU InetUtils telnetd versions 1.9.3 through 2.7....

Igor Stepansky

Jan 28, 2026

Critical unauthenticated RCE in n8n (CVE-2026-21858, CVSS 10.0) allows full instance takeover

‘Orca Watch’ Series

Critical unauthenticated RCE in n8n (CVE-2026-21858, CVSS 10.0) allows full instance takeover

A critical vulnerability (CVE-2026-21858, CVSS score 10.0) was disclosed affecting the n8n workflow automation platform, allowing attackers to remotely execute...

Roi Nisimi

Jan 07, 2026

Critical 9.3 Severity LangChain Serialization Flaw Enables Secret Theft

‘Orca Watch’ Series

Critical 9.3 Severity LangChain Serialization Flaw Enables Secret Theft

A critical vulnerability (CVE-2025-68664, CVSS 9.3) was disclosed affecting the LangChain open-source LLM framework, allowing attackers to steal sensitive data...

Roi Nisimi

Dec 25, 2025

Critical Unauthenticated MongoDB Heap Memory Leak Vulnerability Leaks Sensitive Data

‘Orca Watch’ Series

Critical Unauthenticated MongoDB Heap Memory Leak Vulnerability Leaks Sensitive Data

A high severity vulnerability (CVE-2025-14847, CVSS 7.5/8.7) was disclosed affecting MongoDB Server across a wide range of versions, allowing attackers...

Roi Nisimi

Dec 23, 2025

Critical n8n RCE vulnerability enables full server compromise

‘Orca Watch’ Series

Critical n8n RCE vulnerability enables full server compromise

A critical vulnerability (CVE-2025-68613, CVSS 9.9/10.0) was disclosed affecting the n8n workflow automation platform, allowing attackers to execute arbitrary code...

Roi Nisimi

Dec 22, 2025

Research

Notepad++ Update Mechanism Hijacked by State-Sponsored Actors for Six Months

Critical n8n Sandbox Escape Enables Remote Code Execution

CVE-2025-15467: Critical OpenSSL Flaw Enables Pre-Auth Remote Code Execution

Microsoft Office Zero-Day Actively Exploited – Emergency Patches Released

GNU InetUtils telnetd Authentication Bypass Grants Instant Root Access

Critical unauthenticated RCE in n8n (CVE-2026-21858, CVSS 10.0) allows full instance takeover

Critical 9.3 Severity LangChain Serialization Flaw Enables Secret Theft

Critical Unauthenticated MongoDB Heap Memory Leak Vulnerability Leaks Sensitive Data

Critical n8n RCE vulnerability enables full server compromise

Cloud Security Platform

Technology Ecosystem

By Solution

By Industry

Comparisons