[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fAWJKPyhSYLxjXOSY4XM1iM3CPjvv8JTQWbe9B0CyHPY":3},{"article":4,"iocs":40},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":32,"category":33,"article_tags":37},"f933eed1-3ba6-4ddf-91cd-253316d11849","Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws","ivanti-fortinet-sap-vmware-n8n-patch-rce-sql-injection-privilege-escalation-flaw-b0549c","Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code. Topping the list is a critical flaw impacting Ivanti Xtraction (CVE-2026-8043, CVSS score: 9.6) that could be exploited to achieve information disclosure or client-side attacks. \"External control of a file name","Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for vulnerabilities that could be exploited to bypass authentication and execute arbitrary code. The vulnerabilities include a critical flaw in Ivanti Xtraction, multiple flaws in Fortinet FortiAuthenticator and FortiSandbox, SQL injection and authentication bypass issues in SAP S\u002F4HANA and Commerce Cloud, a privilege escalation flaw in VMware Fusion, and prototype pollution vulnerabilities in n8n.","Ivanti, Fortinet, SAP, VMware, and n8n patched RCE, SQL injection, and privilege escalation flaws.","Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws Ravie LakshmananMay 18, 2026Vulnerability \u002F Software Security Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code. Topping the list is a critical flaw impacting Ivanti Xtraction (CVE-2026-8043, CVSS score: 9.6) that could be exploited to achieve information disclosure or client-side attacks. \"External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory, leading to information disclosure and possible client-side attacks,\" Ivanti said in an advisory. Fortinet published advisories for two critical shortcomings affecting FortiAuthenticator and FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS that could result in code execution - CVE-2026-44277 (CVSS score: 9.1) - An improper access control vulnerability in FortiAuthenticator that may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests. (Fixed in FortiAuthenticator versions 6.5.7, 6.6.9, and 8.0.3) CVE-2026-26083 (CVSS score: 9.1) - A missing authorization vulnerability in FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS WEB UI that may allow an unauthenticated attacker to execute unauthorized code or commands via HTTP requests. (Fixed in FortiSandbox versions 4.4.9 and 5.0.2, FortiSandbox Cloud version 5.0.6, and FortiSandbox PaaS versions 4.4.9. and 5.0.2) SAP also shipped fixes for two critical vulnerabilities - CVE-2026-34260 (CVSS score: 9.6) - An SQL injection vulnerability in SAP S\u002F4HANA CVE-2026-34263 (CVSS score: 9.6) - A missing authentication check in the SAP Commerce cloud configuration \"The vulnerability is caused by an overly permissive security configuration with improper rule ordering, allowing an unauthenticated user to perform malicious configuration upload and code injection, resulting in arbitrary server-side code execution,\" Onapsis said about CVE-2026-34263. On the other hand, CVE-2026-34260 could be exploited by an attacker to inject malicious SQL statements and potentially impact the confidentiality and availability of the application. However, since the affected code only allows read access to data, the vulnerability does not compromise the integrity of the application. \"It allows a low-privileged, authenticated attacker to inject malicious SQL code via user-controlled input, potentially exposing sensitive database information and crashing the application,\" Pathlock said. Patches have also been released by Broadcom for a high-severity flaw in VMware Fusion (CVE-2026-41702, CVSS score: 7.8) that could pave the way for local privilege escalation. The issue has been addressed in version 26H1. \"VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an operation performed by a SETUID binary,\" Broadcom said. \"A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is installed.\" Round off the list is a set of five critical vulnerabilities impacting n8n - CVE-2026-42231 (CVSS score: 9.4) - A vulnerability in the xml2js library used to parse XML request bodies in n8n's webhook handler that allows prototype pollution via a crafted XML payload, enabling an authenticated user with permission to create or modify workflows to achieve remote code execution on the n8n host. (Fixed in n8n versions 1.123.32, 2.17.4, and 2.18.1) CVE-2026-42232 (CVSS score: 9.4) - An authenticated user with permission to create or modify workflows could achieve global prototype pollution via the XML Node, leading to remote code execution when combined with other nodes exploiting the prototype pollution. (Fixed in n8n versions 1.123.32, 2.17.4, and 2.18.1) CVE-2026-44791 (CVSS score: 9.4) - A bypass for CVE-2026-42232 that could result in remote code execution on the n8n host. (Fixed in n8n versions 1.123.43, 2.20.7, and 2.22.1) CVE-2026-44789 (CVSS score: 9.4) - An authenticated user with permission to create or modify workflows could achieve global prototype pollution via an unvalidated pagination parameter in the HTTP Request node, leading to remote code execution on the n8n host. (Fixed in n8n versions 1.123.43, 2.20.7, and 2.22.1) CVE-2026-44790 (CVSS score: 9.4) - An authenticated user with permission to create or modify workflows could inject CLI flags on the Git node's Push operation, enabling an attacker to read arbitrary files from the n8n server and resulting in full compromise. (Fixed in n8n versions 1.123.43, 2.20.7, and 2.22.1) Software Patches from Other Vendors Security updates have also been released by other vendors over the past several weeks to rectify various vulnerabilities, including - ABB Adobe Amazon Web Services AMD Apple ASUS Atlassian Axis Communications AVEVA Canon Cisco CODESYS ConnectWise Dell Devolutions Drupal F5 Fortra Foxit Software Fujitsu GitLab GnuTLS Google Android and Pixel Google Chrome Google Cloud Grafana Hikvision Hitachi Energy Honeywell HP HP Enterprise (including Aruba Networking and Juniper Networks) Huawei IBM Intel Jenkins Lenovo Linux distributions AlmaLinux, Alpine Linux, Amazon Linux, Arch Linux, Debian, Gentoo, Oracle Linux, Mageia, Red Hat, Rocky Linux, SUSE, and Ubuntu MediaTek Meta WhatsApp Microsoft Mitel Mitsubishi Electric MongoDB Moxa Mozilla Firefox, Firefox ESR, and Thunderbird NVIDIA OPPO Palo Alto Networks Phoenix Contact Phoenix Technologies Progress Software QNAP Qualcomm React Ricoh Samsung Schneider Electric Siemens Sophos Spring Framework Supermicro Synology Tenable TP-Link WatchGuard Zoom, and Zyxel Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post. SHARE     Tweet Share Share Share SHARE  cybersecurity, Fortinet, Ivanti, Patch Management, privilege escalation, Prototype Pollution, remote code execution, SQL Injection, Vulnerability ⚡ Top Stories This Week Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI\u002FCD Workflows ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories Microsoft Warns of Two Actively Exploited Defender Vulnerabilities 9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability ⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE Making Vulnerable Drivers Exploitable Without Hardware - The BYOVD Perspective The New Phishing Click: How OAuth Consent Bypasses MFA Developer Workstations Are Now Part of the Software Supply Chain ⭐ Featured Resources Claim ANY.RUN Anniversary Offer for Faster Malware Analysis [Guide] Learn to Detect AI Typosquatting Risks in Your Domain [Guide] Get Key Identity Security Insights From 2026 Snapshot Discover How to Navigate the Era of Constant Cyber Exposure","https:\u002F\u002Fthehackernews.com\u002F2026\u002F05\u002Fivanti-fortinet-sap-vmware-n8n-patch.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEi2iqd3uRuOdLaM83LyZC9GOeOLeP9BnBVQQQzF7LZUeBTXfGo6e6b9c7PSC0Tkt_vhN_FUFUiDwnLXXNmzpIubE5bI0rA7dRaDhuiV35uiNTcMab7o8E_1ehn3CzUUsfno-6fYECbYzGNS1dyNof1ihn-hf4QYjLn7ZD53y_byQigukme9w-LAeBKDWXAg\u002Fs1600\u002Fpatches.jpg","2026-05-18T10:54:05+00:00","2026-05-18T12:00:11.98577+00:00",9,[18,21,24,26,28,30],{"name":19,"type":20},"Ivanti","vendor",{"name":22,"type":23},"Xtraction","product",{"name":25,"type":20},"Fortinet",{"name":27,"type":23},"FortiAuthenticator",{"name":29,"type":23},"FortiSandbox",{"name":31,"type":20},"SAP","80544778-fabb-4dcd-aa35-17492e5dcf4f",{"id":32,"icon":34,"name":35,"slug":36},null,"Vulnerabilities","vulnerabilities",[38],{"category":39},{"id":32,"icon":34,"name":35,"slug":36},[41,45,48,51,54,57,60,63],{"type":42,"value":43,"context":44},"cve","CVE-2026-8043","Ivanti Xtraction information disclosure or client-side attacks",{"type":42,"value":46,"context":47},"CVE-2026-44277","FortiAuthenticator unauthorized code execution",{"type":42,"value":49,"context":50},"CVE-2026-26083","FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS WEB UI unauthorized code execution",{"type":42,"value":52,"context":53},"CVE-2026-34260","SAP S\u002F4HANA SQL injection vulnerability",{"type":42,"value":55,"context":56},"CVE-2026-34263","SAP Commerce cloud configuration missing authentication check",{"type":42,"value":58,"context":59},"CVE-2026-41702","VMware Fusion local privilege escalation",{"type":42,"value":61,"context":62},"CVE-2026-42231","n8n prototype pollution via crafted XML payload",{"type":42,"value":64,"context":65},"CVE-2026-42232","n8n global prototype pollution via the XML Node"]