---
title: "#91 - January security roundup: CVSS 10 in n8n, self-hosted AI scares, and nonstop patching"
date: 2026-02-04
episode: 91
---


We kick off with a CVSS 10 in n8n, then look at self-hosted AI assistants with weak defaults and prompt injection risks. Are your API keys, inbox, and drives safe if a bot is open to the web? What should you rotate, patch, and hide behind a VPN?

[Discuss the episode or ask us anything on LinkedIn](https://www.linkedin.com/company/devsecops-talks/)

<!--more-->

<!-- Player -->

 {{<  podbean tngzd-1a39323-pb "DEVSECOPS Talks #91 - January security roundup: CVSS 10 in n8n, self-hosted AI scares, and nonstop patching"  >}} 

---

<!-- Video -->

{{< youtube IknJjyL4A6c >}}

## Notes