2 matches found
CVE-2026-44791 n8n: XML Node Prototype Pollution Patch Bypass
n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with permission to create or modify workflows could bypass the patch for CVE-2026-42232 in the XML node. When combined with other nodes, this could lead to RCE on the n8n host. This...
GHSA-WRWR-H859-XH2R n8n Has an XML Node Prototype Pollution Patch Bypass
Impact An authenticated user with permission to create or modify workflows could bypass the patch for GHSA-hqr4-h3xv-9m3r in the XML node. When combined with other nodes, this could lead to RCE on the n8n host. Patches The issue has been fixed in n8n versions 1.123.43, 2.20.7, and 2.22.1. Users...