10863 matches found
ROOT-APP-NPM-GHSA-8H8Q-6873-Q5FJ GHSA-8h8q-6873-q5fj in @rootio/next - Patched by Root
Root has patched GHSA-8h8q-6873-q5fj in the @rootio/next package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-44577 CVE-2026-44577 in @rootio/next - Patched by Root
Root has patched CVE-2026-44577 in the @rootio/next package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-44573 CVE-2026-44573 in @rootio/next - Patched by Root
Root has patched CVE-2026-44573 in the @rootio/next package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-44581 CVE-2026-44581 in @rootio/next - Patched by Root
Root has patched CVE-2026-44581 in the @rootio/next package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-44579 CVE-2026-44579 in @rootio/next - Patched by Root
Root has patched CVE-2026-44579 in the @rootio/next package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-44578 CVE-2026-44578 in @rootio/next - Patched by Root
Root has patched CVE-2026-44578 in the @rootio/next package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-44575 CVE-2026-44575 in @rootio/next - Patched by Root
Root has patched CVE-2026-44575 in the @rootio/next package for Root:npm. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-45292 CVE-2026-45292 in io.root.io.opentelemetry:opentelemetry-api - Patched by Root
Root has patched CVE-2026-45292 in the io.root.io.opentelemetry:opentelemetry-api package for Root:Maven. Multiple fixed versions available...
CVE-2026-54308
n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, the MicrosoftAgent365Trigger and StripeTrigger node did not validate that inbound requests. As a result, an unauthenticated attacker who knows the webhook URL could submit a forged payload and cause the workflow to...
CVE-2026-45732
n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, the OAuth1 and OAuth2 credential reconnect endpoints authorized access using credential:read rather than credential:update. An authenticated user with read-only access to a shared credential could initiate ...
CVE-2026-44791
n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with permission to create or modify workflows could bypass the patch for CVE-2026-42232 in the XML node. When combined with other nodes, this could lead to RCE on the n8n host. This...
ROOT-APP-MAVEN-CVE-2025-66168 CVE-2025-66168 in io.root.org.apache.activemq:activemq-mqtt - Patched by Root
Root has patched CVE-2025-66168 in the io.root.org.apache.activemq:activemq-mqtt package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-41044 CVE-2026-41044 in io.root.org.apache.activemq:activemq-broker - Patched by Root
Root has patched CVE-2026-41044 in the io.root.org.apache.activemq:activemq-broker package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-39304 CVE-2026-39304 in io.root.org.apache.activemq:activemq-client - Patched by Root
Root has patched CVE-2026-39304 in the io.root.org.apache.activemq:activemq-client package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-41043 CVE-2026-41043 in io.root.org.apache.activemq:activemq-broker - Patched by Root
Root has patched CVE-2026-41043 in the io.root.org.apache.activemq:activemq-broker package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-34197 CVE-2026-34197 in io.root.org.apache.activemq:activemq-broker - Patched by Root
Root has patched CVE-2026-34197 in the io.root.org.apache.activemq:activemq-broker package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-33227 CVE-2026-33227 in io.root.org.apache.activemq:activemq-client - Patched by Root
Root has patched CVE-2026-33227 in the io.root.org.apache.activemq:activemq-client package for Root:Maven. Multiple fixed versions available...
CVE-2026-54309
n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, when @n8n/mcp-browser is run in HTTP transport mode, the MCP endpoint accepts session initialization and tool invocation requests without any authentication. Any network-reachable client, or any website visited by the...
CVE-2026-44791 n8n: XML Node Prototype Pollution Patch Bypass
n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with permission to create or modify workflows could bypass the patch for CVE-2026-42232 in the XML node. When combined with other nodes, this could lead to RCE on the n8n host. This...
CVE-2026-44790 n8n: Arbitrary File Read via Git Node
n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with permission to create or modify workflows could inject CLI flags on the Git node's Push operation allowing an attacker to read arbitrary files from the n8n server potentially leadi...