1075 matches found
CVE-2026-12053
GitLab has remediated an issue in GitLab EE affecting all versions from 19.1 before 19.1.1 that under certain conditions could have allowed a user to access sensitive information that had already been committed to a project, due to insufficient output filtering in Duo Workflows...
CVE-2026-12537
Summary (CVE-2026-12537): The vulnerability affects Google Gemini CLI container launcher (versions prior to 0.39.1) and the run-gemini-cli GitHub Action (versions prior to 0.1.22) on headless CI platforms. It stems from improper neutralization in an OS command, enabling an unprivileged attacker ...
PraisonAI - Authentication Bypass
PraisonAI 2.5.6 to 4.6.34 contains broken authentication caused by disabled default authentication in the legacy Flask API server, letting remote attackers access /agents and trigger workflows without a token; exploitation requires network access to the API server. id: CVE-2026-44338 info: name: PraisonAI -...
CVE-2026-54307
n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, a member-level user with editor access to a shared workflow could reference credentials they do not own via specific public API endpoints. Credential ownership checks were only enforced partially leading to...
CVE-2026-54307
CVE-2026-54307 affects n8n, an open source workflow automation platform. The vulnerability allows a member-level user with Editor access to a shared workflow to reference credentials they do not own via specific public API endpoints because credential ownership checks were only partially enforced...
EUVD-2026-38377
n8n before 1.123.15 and 2.5.0 contains a webhook forgery vulnerability in the GitHub Webhook Trigger node that fails to implement HMAC-SHA256 signature verification. Attackers who know the webhook URL can send unsigned POST requests to trigger workflows with arbitrary data, spoofing GitHub webhoo...
CVE-2025-71331
Flowise (pre-3.0.8) exposes a Cross-Site Scripting (XSS) vulnerability due to insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript via an iframe payload in chat or have a custom agent function return an external XSS payload. The inj...
ROOT-APP-GOBINARY-CVE-2026-42296 CVE-2026-42296 in rootio-github.com/argoproj/argo-workflows/v3 - Patched by Root
Root has patched CVE-2026-42296 in the rootio-github.com/argoproj/argo-workflows/v3 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-42294 CVE-2026-42294 in rootio-github.com/argoproj/argo-workflows/v3 - Patched by Root
Root has patched CVE-2026-42294 in the rootio-github.com/argoproj/argo-workflows/v3 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2025-62156 CVE-2025-62156 in rootio-github.com/argoproj/argo-workflows/v3 - Patched by Root
Root has patched CVE-2025-62156 in the rootio-github.com/argoproj/argo-workflows/v3 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-28229 CVE-2026-28229 in rootio-github.com/argoproj/argo-workflows/v3 - Patched by Root
Root has patched CVE-2026-28229 in the rootio-github.com/argoproj/argo-workflows/v3 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2024-53862 CVE-2024-53862 in rootio-github.com/argoproj/argo-workflows/v3 - Patched by Root
Root has patched CVE-2024-53862 in the rootio-github.com/argoproj/argo-workflows/v3 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2025-66626 CVE-2025-66626 in rootio-github.com/argoproj/argo-workflows/v3 - Patched by Root
Root has patched CVE-2025-66626 in the rootio-github.com/argoproj/argo-workflows/v3 package for Root:Go. Multiple fixed versions available...
ROOT-APP-GOBINARY-CVE-2026-31892 CVE-2026-31892 in rootio-github.com/argoproj/argo-workflows/v3 - Patched by Root
Root has patched CVE-2026-31892 in the rootio-github.com/argoproj/argo-workflows/v3 package for Root:Go. Multiple fixed versions available...
CVE-2026-12567
The github_workflows module constructs local directory paths from user-controlled repository names without validating for symlinks. A local attacker sharing the scan directory can plant a symlink at the predictable output path, causing workflow data to be written to an attacker-chosen location...
CVE-2026-12567 Symlink-following arbitrary write via github_workflows module
The github_workflows module constructs local directory paths from user-controlled repository names without validating for symlinks. A local attacker sharing the scan directory can plant a symlink at the predictable output path, causing workflow data to be written to an attacker-chosen location...
CVE-2026-12567
CVE-2026-12567 affects the github_workflows module. It constructs local directory paths from user-controlled repository names without validating for symlinks, enabling a local attacker sharing the scan directory to plant a symlink at a predictable output path. This can cause workflow data to be w...
CVE-2025-66391
In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of a workflow for write operations, e.g., the system will send a one-time password to an attacker-controlled email address when the attacker attempts to reset the password of a user account...
PT-2026-50562
Name of the Vulnerable Software and Affected Versions: github workflows (affected versions not specified). Description: The github workflows module constructs local directory paths using repository names provided by the user without validating for symlinks. A local attacker with access to the scan...
n8n: Credential Exfiltration via Permission Bypass
Impact: A member-level user with editor access to a shared workflow could reference credentials they do not own via specific public API endpoints. Credential ownership checks were only enforced partially, leading to cross-user credential access. This issue affects instances where workflow sharing i...