4728 matches found
n8n >= 0.123.0 and < 1.121.3 - Remote Code Execution
n8n versions = 0.123.0 and = 0.123.0 and = 0.123.0 and 1.121.3 contain a critical authenticated remote code execution vulnerability via arbitrary file write. An authenticated user can exploit the Git node to overwrite critical files and execute untrusted code on the n8n server, potentially leadin...
Fortra FileCatalyst Workflow <= v5.1.6 - SQL Injection
A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data. Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this...
JIRA Workflow Designer Plugin in Atlassian JIRA Server > 6.3.0 - Remote Code Execution (XXE)
The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML parser and deserializer, which allows remote attackers to execute arbitrary code, read arbitrary files, or cause a denial of service via a crafted serialized Java object. id: CVE-2017-5983 info: name:...
CVE-2026-55576
MaaAssistantArknights is a one-click tool for daily Arknights tasks. In the current dev-v2 workflow, .github/workflows/release-preparation.yml inlined attacker-controlled github.event.pullrequest.title into a run: shell command during the pullrequest opened, reopened, and readyforreview events, s...
CVE-2026-55608
n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.57.4, multi-tenant HTTP mode with ENABLEMULTITENANT=true could allow an authenticated tenant to access default-scope workflowversions backups instead of being confined to...
CVE-2026-54052
n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.56.1, in HTTP mode with multi-tenancy enabled through ENABLEMULTITENANT=true, n8n-mcp's local workflow version history backups were not isolated per tenant, allowing an...
CVE-2026-55608
n8n-mcp prior to 2.57.4 is affected. In multi-tenant HTTP mode (ENABLE_MULTI_TENANT=true), an authenticated MCP HTTP tenant could access default-scope workflow_versions backups rather than its own tenant scope, potentially reading or deleting backups from prior single-tenant deployments or migrat...
CVE-2026-54052
n8n-MCP (HTTP mode with multi-tenancy enabled via ENABLE_MULTI_TENANT=true) is affected prior to version 2.56.1. An authenticated tenant could read and delete other tenants’ workflow version backups, including full node definitions, credential references, and authorization headers, due to backups...
CVE-2026-61643
FastGPT is a knowledge-based AI application platform. From 4.14.17 until 4.15.0-beta5, an authenticated FastGPT user can save a workflow node that points to another user's private HTTP toolset by using a crafted saved tool id such as http-/. The normal toolset routes deny access, but the workflow...
CVE-2026-61643
FastGPT is a knowledge-based AI application platform. From 4.14.17 until 4.15.0-beta5, an authenticated FastGPT user can save a workflow node that points to another user's private HTTP toolset by using a crafted saved tool id such as http-/. The normal toolset routes deny access, but the workflow...
CVE-2026-61643
CVE-2026-61643 affects FastGPT (versions 4.14.17 through 4.15.0-beta5). An authenticated user can save a workflow node that points to another user's private HTTP toolset by crafting a saved tool id (e.g., http-/). While normal toolset routes deny access, the workflow save and runtime path did not...
CVE-2026-50562
FastGPT is a knowledge-based AI application platform. At commit 22ebfacbb43311e9b73294040ae0eb87390c6bba and earlier, artifacts built from untrusted pull request code in .github/workflows/preview-docs-build.yml and .github/workflows/preview-fastgpt-build.yml can be downloaded by privileged...
CVE-2026-54562
Cloudreve is a self-hosted file management and sharing system. Prior to 4.16.1, Cloudreve's remote download workflow accepts user-supplied URLs at POST /api/v4/workflow/download and passes them to the configured downloader without blocking loopback, localhost, IPv6 localhost, or...
CVE-2026-61438
PraisonAI before 4.6.78 contains a remote code execution vulnerability in JobWorkflowExecutor.execinlinepython due to insufficient AST validation of workflow script steps. Attackers can create malicious YAML workflow files with import os statements followed by os.system calls that bypass sandbox...
CVE-2026-56349
n8n before version 2.10.0 contains an input validation vulnerability in the Guardrail node that allows attackers to bypass default guardrail instructions. End users can craft malicious inputs to circumvent guardrail protections and compromise workflow integrity...
CVE-2026-56352
n8n before 2.19.3 contains a file path restriction bypass in the legacy ExecuteWorkflow node's localFile source option, which reads workflow files from disk without the file-access checks enforced by other file-reading nodes. Although hidden from the UI since v1.2, it remains reachable via the RE...
EUVD-2026-44643
PraisonAI before 4.6.78 contains a remote code execution vulnerability in JobWorkflowExecutor.execinlinepython due to insufficient AST validation of workflow script steps. Attackers can create malicious YAML workflow files with import os statements followed by os.system calls that bypass sandbox...
CVE-2026-61438 PraisonAI before 4.6.78 Remote Code Execution via Broken AST Sandbox
PraisonAI before 4.6.78 contains a remote code execution vulnerability in JobWorkflowExecutor.execinlinepython due to insufficient AST validation of workflow script steps. Attackers can create malicious YAML workflow files with import os statements followed by os.system calls that bypass sandbox...
CVE-2026-59259 n8n - Permission Bypass via Expression Parser Mismatch in External Secrets
n8n before versions 1.123.61, 2.27.4, and 2.28.1 contains a permission bypass vulnerability in external secrets handling caused by a mismatch between the static validation check and the runtime expression engine. An authenticated user with credential create or update permissions but without the...
EUVD-2026-44635
n8n before versions 1.123.61, 2.27.4, and 2.28.1 contains a permission bypass vulnerability in external secrets handling caused by a mismatch between the static validation check and the runtime expression engine. An authenticated user with credential create or update permissions but without the...