ByteBrief
We're a portrait publication through and through. Turn your phone back and your briefing picks up right where you left it.
(We tried widescreen once. It wasn't us.)

A flaw in n8n's Enterprise token exchange matched JWTs on the sub claim alone, ignoring iss. A valid token from issuer A with a sub belonging to issuer B logged the attacker in as that user. n8n shipped the fix on June 24. The flaw is tracked as CVE-2026-59208, rated 7.6 on CVSS 4.0.
Tap to vote and see what everyone thinks.
Summary by ByteBrief