3 matches found
EUVD-2026-42612
n8n is an open source workflow automation platform. Prior to 1.123.61, 2.27.4, and, 2.28.1, an authenticated user with the default workflow:create permission could pollute Object.prototype through a crafted workflow saved, updated, or imported via the workflow API, allowing unauthenticated reques...
n8n Node.js Package < 1.123.9 / 2.x < 2.2.1 Stored XSS (CVE-2026-25054)
The version of the n8n Node.js Package installed on the remote host is prior to 1.123.9, or 2.x prior to 2.2.1. It is, therefore, affected by a stored cross-site scripting vulnerability: - A cross-site scripting XSS vulnerability existed in a markdown rendering component used in n8n's interface,...
PT-2021-24204 · Knime · Knime Analytics Platform
Name of the Vulnerable Software and Affected Versions: KNIME Analytics Platform versions prior to 4.5.0 Description: The issue concerns an external XML entity injection XXE vulnerability. It can be exploited via a crafted workflow file .knwf. Recommendations: For versions prior to 4.5.0, update t...