CVE-2026-42230

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /mcp-oauth/register endpoint accepted OAuth client registrations without authentication, allowing arbitrary redirecturi values to be registered. When a user denies the MCP OAuth consent dialog,...

Gradient 访问控制错误漏洞

Gradient is a modern Nix continuous integration system developed by Wavelens. Version 1.1.0 of Gradient contains an access control vulnerability caused by unvalidated registration credentials. This vulnerability allows attackers to register as working nodes and access arbitrary storage paths...