5 matches found
@n8n/ai-workflow-builder (>=1.10.0 <=1.20.1), @n8n/backend-common (>=1.19.0 <=1.20.1) +8 more potentially affected by CVE-2026-44792 via @n8n/api-types (>=1.0.0-rc.0 <=1.20.0)
@n8n/api-types NPM version =1.0.0-rc.0, =1.10.0, =1.19.0, =1.0.0, =1.3.0, =1.0.0, =1.19.0, =1.0.0, =2.0.0, =2.19.0, =2.19.0, =2.20.2 Source cves: CVE-2026-44792 Source advisory: SNYK:JS-N8NAPITYPES-16726403...
User Impersonation
Overview @n8n/rest-api-client is a This package contains the REST API calls for n8n. Affected versions of this package are vulnerable to User Impersonation in the account linking when LDAP authentication is enabled. An attacker can gain unauthorized access to another user's account, including...
Malicious code in your-dpd-rest-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 57f29438d66f642d44c66209d9219a5bce9c31f2cdb3437e711193f13af28113 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-7941 Malicious code in your-dpd-rest-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 57f29438d66f642d44c66209d9219a5bce9c31f2cdb3437e711193f13af28113 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
The vulnerability of the Kubeclient::Config implementation in the REST API client for Kubernetes allows a attacker to perform a “man-in-the-middle” attack.
The vulnerability of the Kubeclient::Config implementation for the REST API client of Kubernetes allows for certificate validation process errors. Exploiting this vulnerability could enable a malicious actor to carry out a “man-in-the-middle” attack...