4 matches found
CVE-2026-44487
Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, Axios’s Node.js HTTP adapter may forward a Proxy-Authorization header to a redirected origin during specific proxy-to-direct redirect flows. This affects Node.js usage, where an initial HTTP request is...
PT-2026-34911
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix missing NULL checks for kstrdup 1. Replace "of find node by path"/"" with "of root" to avoid multiple calls to "of node put". 2. Fix a potential kernel oops during early boot when memory allocation fails while...
PT-2025-49610
Name of the Vulnerable Software and Affected Versions n8n versions 0.123.1 through 1.119.1 Description n8n is an open source workflow automation platform. Versions 0.123.1 through 1.119.1 lack sufficient protections against Remote Code Execution RCE through the project's pre-commit hooks. The Add...
GHSA-PPPG-CPFQ-H7WR JSONPath Plus Remote Code Execution (RCE) Vulnerability
Versions of the package jsonpath-plus before 10.0.7 are vulnerable to Remote Code Execution RCE due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. Note: There were several attempts to fix it in versions...