PT-2026-36901

Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.32 n8n versions prior to 2.17.4 n8n versions prior to 2.18.1 Description A flaw in the SeaTable node's 'row:search' and 'row:get' operations allows user-controlled input to be concatenated directly into SQL query...

Missing Authorization

Overview n8n is a n8n Workflow Automation Tool Affected versions of this package are vulnerable to Missing Authorization via the dynamic-node-parameters endpoints. An attacker can access and exfiltrate sensitive credentials belonging to other users by supplying a foreign credential ID in the...

PT-2026-33010

🔒 CyberSecurity CVE-2024-44738 & CVE-2024-44337: n8n Workflow Automation Critical Flaws — Detec… "Security Arsenal’s analysis of the recent Pillar Security disclosure regarding n8n…" 🔗 https://t.co/U8qg6uYpWr CyberSecurity ThreatIntel alertfatigue triage alertmonitor...

@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by unknown CVE via n8n (>=0.138.0 <=0.93.0)

n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: unknown CVE Source advisory: OSV:GHSA-JH8H-6C9Q-7GMW...

EUVD-2026-8760

n8n has Arbitrary Command Execution via File Write and Git Operations...

@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by CVE-2026-25115 via n8n (>=0.138.0 <=0.93.0)

n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: CVE-2026-25115 Source advisory: OSV:GHSA-8398-GMMX-564H...

@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by CVE-2026-25053 via n8n (>=0.138.0 <=0.93.0)

n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: CVE-2026-25053 Source advisory: OSV:GHSA-9G95-QF3F-GGRW...

GHSA-5XRP-6693-JJX9 n8n Unsafe Workflow Expression Evaluation Allows Remote Code Execution

n8n contains a critical Remote Code Execution RCE vulnerability in its workflow Expression evaluation system. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An...

n8n Users Urged to Patch CVSS 10.0 Full System Takeover Vulnerability

A critical vulnerability CVE-2026-21877 found by Upwind affects n8n automation tools. Learn why researchers are urging users to update to version 1.121.3 immediately to prevent remote code execution...

n8n 代码问题漏洞

n8n is a scalable workflow automation tool from n8n open source. A code issue vulnerability exists in n8n 0.121.2 and prior versions that originates from an authenticated attacker who can execute malicious code that could lead to a full crack...

EUVD-2026-1187

n8n Vulnerable to Unauthenticated File Access via Improper Webhook Request Handling...

Basic-Automation-Exploit-Tool

Basic-Automatio...

Exploit for Improper Control of Dynamically-Managed Code Resources in N8N

n8nCVE-2025-686...

EUVD-2020-28705

Malware in sbrugna...

msdat

This is an offensive tool for Microsoft SQL Server MSSQL database exploitation. The tool is called "MSDAT" and is designed to perform various attacks on MSSQL databases, including reading and writing files, executing system commands, and more. The tool uses a variety of techniques, including OLE...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially created malicious file...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially created malicious file...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to access to an uninitialized pointer, allows a hacker to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to access to an uninitialized pointer. Exploiting this vulnerability could allow a attacker to execute arbitrary code by sending a specially created malicious file...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to writing beyond the buffer limit, allows a hacker to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to writing outside the buffer. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially created malicious file...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to the use of memory after it is freed, allows a hacker to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to the use of memory after it is released. Exploiting this vulnerability allows a attacker to execute arbitrary code using a specially created malicious file...