Lucene search
+L

13 matches found

NVD
NVD
added 2026/07/08 2:17 p.m.8 views

CVE-2026-56775

n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization vulnerability in three mutating evaluation test-run endpoints that authorize state-changing actions using the workflow:read scope instead of the action-appropriate workflow:execute scope. On instances using Advanced Permissions...

5.4CVSS0.00176EPSS
Exploits0References2
CVE
CVE
added 2026/07/08 1:49 p.m.10 views

CVE-2026-56775

CVE-2026-56775 affects n8n prior to 1.123.55, 2.25.7, and 2.26.2. The issue is an authorization vulnerability in three mutating evaluation test-run endpoints that grant state-changing actions under the workflow:read scope instead of the action-appropriate workflow:execute scope. On systems using ...

5.4CVSS6AI score0.00176EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/07/08 1:49 p.m.7 views

EUVD-2026-42262

n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization vulnerability in three mutating evaluation test-run endpoints that authorize state-changing actions using the workflow:read scope instead of the action-appropriate workflow:execute scope. On instances using Advanced Permissions...

5.4CVSS6AI score0.00176EPSS
Exploits0References2
OSV
OSV
added 2026/07/08 1:49 p.m.4 views

CVE-2026-56775 n8n - Incorrect OAuth Scope Validation in Evaluation Test Runs Endpoints

n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization vulnerability in three mutating evaluation test-run endpoints that authorize state-changing actions using the workflow:read scope instead of the action-appropriate workflow:execute scope. On instances using Advanced Permissions...

5.3CVSS6.1AI score0.00176EPSS
Exploits0References4
OSV
OSV
added 2026/06/17 1:55 p.m.19 views

GHSA-664H-GPGQ-H6XX n8n: Wrong OAuth Scope on Evaluation Test Runs Endpoints

Impact Three mutating endpoints in the evaluation test runs controller authorized state-changing actions using workflow:read instead of the action-appropriate workflow:execute scope. An authenticated user with project:viewer role on a project could start new evaluation test runs, cancel in-flight...

5.4CVSS5.5AI score0.00176EPSS
Exploits0References2
NVD
NVD
added 2022/11/03 2:15 p.m.27 views

CVE-2022-44623

In JetBrains TeamCity version before 2022.10, Project Viewer could see scrambled secure values in the MetaRunner settings...

7.5CVSS0.00534EPSS
Exploits0References1
OSV
OSV
added 2022/11/03 2:15 p.m.6 views

CVE-2022-44623

In JetBrains TeamCity version before 2022.10, Project Viewer could see scrambled secure values in the MetaRunner settings...

7.5CVSS5.8AI score0.00534EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/11/03 12:0 a.m.7 views

CVE-2022-44623

In JetBrains TeamCity version before 2022.10, Project Viewer could see scrambled secure values in the MetaRunner settings...

6.5CVSS7.5AI score0.00534EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/11/03 12:0 a.m.33 views

CVE-2022-44623

In JetBrains TeamCity version before 2022.10, Project Viewer could see scrambled secure values in the MetaRunner settings...

6.5CVSS7.7AI score0.00534EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/11/03 12:0 a.m.13 views

PT-2022-27267 · Jetbrains · Teamcity

Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2022.10 Description: The issue allows a Project Viewer to see scrambled secure values in the MetaRunner settings. Recommendations: For versions prior to 2022.10, update to version 2022.10 or later to resol...

7.5CVSS7.5AI score0.00534EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/11/03 12:0 a.m.5 views

JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis, and build issue analysis reports. A security vulnerability exists in JetBrains TeamCity versions 2021.2...

7.5CVSS7.4AI score0.00534EPSS
Exploits0References2
CVE
CVE
added 2022/11/03 12:0 a.m.63 views

CVE-2022-44623

JetBrains TeamCity versions before 2022.10 are affected. The issue allows the Project Viewer to see scrambled secure values in MetaRunner settings, exposing confidential information. The Red Hat/PRION/PT-security entries corroborate the same description and indicate remediation guidance: upgrade ...

7.5CVSS7.5AI score0.00534EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2019/10/11 4:30 p.m.40 views

CVE-2017-15138

An improper authorization flaw in the atomic-openshift component of Openshift Container Platform 3.7 and earlier allows a user with cluster-reader project viewer permissions to trigger an application build. An attacker could use this flaw to trigger a build of an application when that should be...

5CVSS3.7AI score0.00895EPSS
Exploits0References1
Rows per page
Query Builder