7 matches found
n8n Node.js Package < 1.123.18 / 2.x < 2.5.0 Arbitrary File Read (CVE-2026-25052)
The version of the n8n Node.js Package installed on the remote host is prior to 1.123.18, or 2.x prior to 2.5.0. It is, therefore, affected by an arbitrary file read vulnerability: - A vulnerability in the file access controls allows authenticated users with permission to create or modify workflo...
CVE-2026-25052
creationtimestamp| type| source ---|---|--- 2026-02-05 08:08:06+00:00| seen| https://www.acn.gov.it/portale/w/rilevate-vulnerabilita-in-n8n-1 2026-02-05 22:01:08+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3me5fbnmhoe2h 2026-02-05 22:02:01+00:00| seen|...
@klardaten/n8n-nodes-datevconnect (>=1.0.1 <=1.0.2), @n8n/backend-test-utils (>=0.26.0 <=0.26.9) +17 more potentially affected by CVE-2026-25052 via n8n-core (>=1.0.0 <=1.122.11)
n8n-core NPM version =1.0.0, =1.0.1, =0.26.0, =0.34.0, =1.37.0, =1.0.0, =0.1.0, =1.0.1, =0.3.3, =0.3.1, =1.1.0, =0.1.4, =0.4.10, =0.2.0, =0.2.1 - n8n-nodes-teamdeck =1.3.1 and more Source cves: CVE-2026-25052 Source advisory: SNYK:JS-N8NCORE-15223381...
@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by CVE-2026-25052 via n8n (>=0.138.0 <=0.93.0)
n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: CVE-2026-25052 Source advisory: OSV:GHSA-GFVG-QV54-R4PC...
CVE-2026-25052 n8n Improper File Access Controls Allow Arbitrary File Read by Authenticated Users
n8n is an open source workflow automation platform. Prior to versions 1.123.18 and 2.5.0, a vulnerability in the file access controls allows authenticated users with permission to create or modify workflows to read sensitive files from the n8n host system. This can be exploited to obtain critical...
CVE-2026-25052 n8n Improper File Access Controls Allow Arbitrary File Read by Authenticated Users
n8n is an open source workflow automation platform. Prior to versions 1.123.18 and 2.5.0, a vulnerability in the file access controls allows authenticated users with permission to create or modify workflows to read sensitive files from the n8n host system. This can be exploited to obtain critical...
CVE-2026-25052
n8n is an open source workflow automation platform. Prior to versions 1.123.18 and 2.5.0, a vulnerability in the file access controls allows authenticated users with permission to create or modify workflows to read sensitive files from the n8n host system. This can be exploited to obtain critical...