Lucene search
+L

7 matches found

nessus
nessus
added 2026/02/13 12:0 a.m.5 views

n8n Node.js Package < 1.123.18 / 2.x < 2.5.0 Arbitrary File Read (CVE-2026-25052)

The version of the n8n Node.js Package installed on the remote host is prior to 1.123.18, or 2.x prior to 2.5.0. It is, therefore, affected by an arbitrary file read vulnerability: - A vulnerability in the file access controls allows authenticated users with permission to create or modify workflo...

9.9CVSS6.1AI score0.00306EPSS
Exploits0References2
circl
circl
added 2026/02/05 8:8 a.m.6 views

CVE-2026-25052

creationtimestamp| type| source ---|---|--- 2026-02-05 08:08:06+00:00| seen| https://www.acn.gov.it/portale/w/rilevate-vulnerabilita-in-n8n-1 2026-02-05 22:01:08+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3me5fbnmhoe2h 2026-02-05 22:02:01+00:00| seen|...

9.9CVSS6AI score0.00306EPSS
Exploits0References3
vulnersosv
vulnersosv
added 2026/02/04 6:25 p.m.9 views

@klardaten/n8n-nodes-datevconnect (>=1.0.1 <=1.0.2), @n8n/backend-test-utils (>=0.26.0 <=0.26.9) +17 more potentially affected by CVE-2026-25052 via n8n-core (>=1.0.0 <=1.122.11)

n8n-core NPM version =1.0.0, =1.0.1, =0.26.0, =0.34.0, =1.37.0, =1.0.0, =0.1.0, =1.0.1, =0.3.3, =0.3.1, =1.1.0, =0.1.4, =0.4.10, =0.2.0, =0.2.1 - n8n-nodes-teamdeck =1.3.1 and more Source cves: CVE-2026-25052 Source advisory: SNYK:JS-N8NCORE-15223381...

9.9CVSS6AI score0.00306EPSS
Exploits0
vulnersosv
vulnersosv
added 2026/02/04 6:25 p.m.9 views

@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by CVE-2026-25052 via n8n (>=0.138.0 <=0.93.0)

n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: CVE-2026-25052 Source advisory: OSV:GHSA-GFVG-QV54-R4PC...

9.9CVSS6AI score0.00306EPSS
Exploits0
osv
osv
added 2026/02/04 4:47 p.m.4 views

CVE-2026-25052 n8n Improper File Access Controls Allow Arbitrary File Read by Authenticated Users

n8n is an open source workflow automation platform. Prior to versions 1.123.18 and 2.5.0, a vulnerability in the file access controls allows authenticated users with permission to create or modify workflows to read sensitive files from the n8n host system. This can be exploited to obtain critical...

9.4CVSS5.4AI score0.00306EPSS
Exploits0References3
cvelist
cvelist
added 2026/02/04 4:47 p.m.29 views

CVE-2026-25052 n8n Improper File Access Controls Allow Arbitrary File Read by Authenticated Users

n8n is an open source workflow automation platform. Prior to versions 1.123.18 and 2.5.0, a vulnerability in the file access controls allows authenticated users with permission to create or modify workflows to read sensitive files from the n8n host system. This can be exploited to obtain critical...

9.4CVSS0.00306EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/02/04 4:47 p.m.3 views

CVE-2026-25052

n8n is an open source workflow automation platform. Prior to versions 1.123.18 and 2.5.0, a vulnerability in the file access controls allows authenticated users with permission to create or modify workflows to read sensitive files from the n8n host system. This can be exploited to obtain critical...

9.4CVSS5.4AI score0.00306EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder