Lucene search
+L

651 matches found

Veracode
Veracode
added 4 days ago10 views

Improper Authorization

n8n-mcp is vulnerable to Improper Authorization. The vulnerability is due to insufficient tenant isolation in multi-tenant HTTP mode, which allows an authenticated tenant to access locally stored workflow version backups outside of its assigned tenant scope...

5.4CVSS6.1AI score0.00281EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/06/26 8:55 p.m.43 views

CVE-2026-49984 Kestra: Path traversal in `LocalStorage` allows any authenticated user to read arbitrary server files via the execution file-download API (`\..\` bypasses the `..` guard)

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.23, the local internal-storage backend validates user-supplied paths for .. traversal before it converts Windows-style backslashes to forward slashes. An attacker can therefore smuggle a traversal sequence past...

7.7CVSS0.00386EPSS
Exploits1References1
OSV
OSV
added 2026/06/26 8:55 p.m.7 views

CVE-2026-49984 Kestra: Path traversal in `LocalStorage` allows any authenticated user to read arbitrary server files via the execution file-download API (`\..\` bypasses the `..` guard)

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.23, the local internal-storage backend validates user-supplied paths for .. traversal before it converts Windows-style backslashes to forward slashes. An attacker can therefore smuggle a traversal sequence past...

7.7CVSS6.1AI score0.00386EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/06/26 12:27 p.m.10 views

CVE-2026-53106

A flaw was found in the Linux kernel's Berkeley Packet Filter BPF local storage. This vulnerability can lead to a system deadlock when local storage is deleted within a Non-Maskable Interrupt NMI context. An attacker could potentially exploit this by triggering the deletion of BPF local storage...

5.5CVSS5.8AI score0.00145EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/26 12:32 a.m.12 views

EUVD-2025-210339

Flowise through 2.2.4 contains an unauthenticated arbitrary file upload vulnerability in the /api/v1/attachments endpoint when storageType is set to local. Attackers can exploit path traversal in the chatId and chatflowId parameters to upload malicious files to arbitrary directories, potentially...

9.3CVSS6.6AI score0.00611EPSS
Exploits1References3
CVE
CVE
added 2026/06/25 9:41 p.m.32 views

CVE-2025-71333

Flowise (v2.2.4) contains an unauthenticated arbitrary file upload vulnerability at the /api/v1/attachments endpoint when storageType is set to local. The issue allows path traversal via chatId and chatflowId parameters to upload files to arbitrary directories, potentially enabling remote code ex...

9.8CVSS6.6AI score0.00611EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/25 9:41 p.m.9 views

CVE-2025-71333

Flowise through 2.2.4 contains an unauthenticated arbitrary file upload vulnerability in the /api/v1/attachments endpoint when storageType is set to local. Attackers can exploit path traversal in the chatId and chatflowId parameters to upload malicious files to arbitrary directories, potentially...

9.3CVSS6.6AI score0.00611EPSS
Exploits1References3
OSV
OSV
added 2026/06/25 9:41 p.m.3 views

CVE-2025-71333 Flowise - Arbitrary File Upload via Unauthenticated /api/v1/attachments Endpoint

Flowise through 2.2.4 contains an unauthenticated arbitrary file upload vulnerability in the /api/v1/attachments endpoint when storageType is set to local. Attackers can exploit path traversal in the chatId and chatflowId parameters to upload malicious files to arbitrary directories, potentially...

9.3CVSS6.7AI score0.00611EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/06/25 9:41 p.m.27 views

CVE-2025-71333 Flowise - Arbitrary File Upload via Unauthenticated /api/v1/attachments Endpoint

Flowise through 2.2.4 contains an unauthenticated arbitrary file upload vulnerability in the /api/v1/attachments endpoint when storageType is set to local. Attackers can exploit path traversal in the chatId and chatflowId parameters to upload malicious files to arbitrary directories, potentially...

9.3CVSS0.00611EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.15 views

PT-2026-52612

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 2.2.5 Description An unauthenticated arbitrary file upload issue exists when storageType is set to local. This allows attackers to use path traversal—a technique used to access files and directories outside the intend...

9.3CVSS6.5AI score0.00611EPSS
Exploits1References7
NVD
NVD
added 2026/06/24 5:17 p.m.19 views

CVE-2026-53106

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not allow deleting local storage in NMI Currently, local storage may deadlock when deferring freeing selem or local storage through kfreercu, callrcu or callrcutaskstrace in NMI or reentrant. Since deleting selem in NMI i...

0.00145EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 4:30 p.m.14 views

CVE-2026-53106

CVE-2026-53106 affects the Linux kernel BPF storage deletion flow. The issue arises when local storage is freed via kfree_rcu(), call_rcu(), or call_rcu_tasks_trace() in NMI or reentrant contexts, which can lead to a deadlock. The documented mitigation in NMI is to return an error from bpf_xxx_st...

5.8AI score0.00145EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-52000

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock can occur in the Linux kernel when deleting local storage within a Non-Maskable Interrupt NMI or reentrant context. This happens when freeing storage elements through kfree rc...

6AI score0.00145EPSS
Exploits0References12
NVD
NVD
added 2026/06/23 9:17 p.m.10 views

CVE-2026-47387

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the shared form-view submit handler packages/nc-gui/composables/useSharedFormViewStore.ts in NocoDB writes the form's redirecturl to window.location.href after a same-host check that does not validate the URL scheme. A...

8.4CVSS0.00234EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/23 10:50 a.m.5 views

CVE-2026-4983

Open VSX Registry does not sanitize SVG files uploaded as extension icons prior to storage, and serves them with Content-Type: image/svg+xml without security headers such as Content-Security-Policy or Content-Disposition: attachment. This allows an attacker to publish an extension with a maliciou...

4.1CVSS5.9AI score0.00226EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/06/23 10:50 a.m.3 views

CVE-2026-4983

Open VSX Registry does not sanitize SVG files uploaded as extension icons prior to storage, and serves them with Content-Type: image/svg+xml without security headers such as Content-Security-Policy or Content-Disposition: attachment. This allows an attacker to publish an extension with a maliciou...

4.1CVSS6AI score0.00226EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.20 views

PT-2026-51100

Name of the Vulnerable Software and Affected Versions Langflow versions prior to 1.7.0 Description The logout button fails to clear the user session, allowing a previous user to remain logged in unless another user explicitly authenticates. This occurs because the '/logout' endpoint deletes...

6.1CVSS5.9AI score0.00152EPSS
Exploits1References10
NVD
NVD
added 2026/06/11 8:16 p.m.12 views

CVE-2026-53781

Summarize before 0.17.0 contains a resource exhaustion vulnerability that allows remote attackers to cause disk exhaustion by serving media responses that bypass the enforced size limit through missing or misreported Content-Length headers, chunked transfer encoding, or failed HEAD requests...

5.3CVSS0.00329EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/11 7:11 p.m.33 views

CVE-2026-53781 Summarize < 0.17.0 Disk Exhaustion via Uncapped Media Download

Summarize before 0.17.0 contains a resource exhaustion vulnerability that allows remote attackers to cause disk exhaustion by serving media responses that bypass the enforced size limit through missing or misreported Content-Length headers, chunked transfer encoding, or failed HEAD requests...

5.3CVSS0.00329EPSS
Exploits0References4
CVE
CVE
added 2026/06/11 7:11 p.m.22 views

CVE-2026-53781

The CVE affects the Summarize utility prior to version 0.17.0. Vulnerable path is the temp-file-based media download, where an unbounded response can be streamed via the download/response path, causing disk and resource exhaustion. Root cause: responses bypass the enforced size limit due to missi...

5.3CVSS5.5AI score0.00329EPSS
Exploits0References4
Rows per page
Query Builder