GHSA-MXRG-77HM-89HV n8n: Prototype Pollution in XML and GSuiteAdmin node parameters lead to RCE

Impact An authenticated user with permission to create or modify workflows could exploit a prototype pollution vulnerability in the GSuiteAdmin node. By supplying a crafted parameter as part of node configuration, an attacker could write attacker-controlled values onto Object.prototype. An attack...

CVE-2026-33696 n8n Vulnerable to Prototype Pollution in XML & GSuiteAdmin node parameters lead to RCE

n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.27, an authenticated user with permission to create or modify workflows could exploit a prototype pollution vulnerability in the XML and the GSuiteAdmin nodes. By supplying a crafted parameters as part...

CVE-2026-33696 n8n Vulnerable to Prototype Pollution in XML & GSuiteAdmin node parameters lead to RCE

n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.27, an authenticated user with permission to create or modify workflows could exploit a prototype pollution vulnerability in the XML and the GSuiteAdmin nodes. By supplying a crafted parameters as part...

CVE-2026-33696

n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.27, an authenticated user with permission to create or modify workflows could exploit a prototype pollution vulnerability in the XML and the GSuiteAdmin nodes. By supplying a crafted parameters as part...

PT-2026-28079

Name of the Vulnerable Software and Affected Versions n8n versions prior to 2.14.1 n8n versions prior to 2.13.3 n8n versions prior to 1.123.27 Description n8n is a workflow automation platform susceptible to a prototype pollution issue in the XML and GSuiteAdmin nodes. An authenticated user with...

MAL-2025-49113 Malicious code in epic-admin-node-services (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1255c460dbdcbbb4c5eefad802fe2d1622d3208158e6effbcff792792c272f21 The package epic-admin-node-services was found to contain malicious code...

EUVD-2025-37180

Malicious code in epic-admin-node-services npm...

Malicious code in epic-admin-node-services (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1255c460dbdcbbb4c5eefad802fe2d1622d3208158e6effbcff792792c272f21 The package epic-admin-node-services was found to contain malicious code...

EUVD-2018-17264

Malware in sbrugna...

EUVD-2025-30275

Malicious code in bioql PyPI...

CVE-2025-26516

StorageGRID formerly StorageGRID Webscale versions prior to 11.8.0.15 and 11.9.0.8 are susceptible to a Denial of Service vulnerability. Successful exploit could allow an unauthenticated attacker to cause a Denial of Service on the Admin node...

CVE-2025-26516

StorageGRID formerly StorageGRID Webscale versions prior to 11.8.0.15 and 11.9.0.8 are susceptible to a Denial of Service vulnerability. Successful exploit could allow an unauthenticated attacker to cause a Denial of Service on the Admin node...

CVE-2025-26516

StorageGRID formerly StorageGRID Webscale versions prior to 11.8.0.15 and 11.9.0.8 are susceptible to a Denial of Service vulnerability. Successful exploit could allow an unauthenticated attacker to cause a Denial of Service on the Admin node...

CVE-2025-26516

CVE-2025-26516 affects StorageGRID (formerly StorageGRID Webscale); versions prior to 11.8.0.15 and 11.9.0.8 are susceptible to a Denial of Service on the Admin node when exploited by an unauthenticated attacker. The available documents do not specify the exact root cause or exploitation details....

CVE-2025-26516 CVE-2025-26516 Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale)

StorageGRID formerly StorageGRID Webscale versions prior to 11.8.0.15 and 11.9.0.8 are susceptible to a Denial of Service vulnerability. Successful exploit could allow an unauthenticated attacker to cause a Denial of Service on the Admin node...

CVE-2025-26516 CVE-2025-26516 Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale)

StorageGRID formerly StorageGRID Webscale versions prior to 11.8.0.15 and 11.9.0.8 are susceptible to a Denial of Service vulnerability. Successful exploit could allow an unauthenticated attacker to cause a Denial of Service on the Admin node...

PT-2025-38605

Name of the Vulnerable Software and Affected Versions StorageGRID versions prior to 11.8.0.15 StorageGRID versions prior to 11.9.0.8 Description StorageGRID formerly StorageGRID Webscale is susceptible to a Denial of Service. A successful exploit could allow an unauthenticated attacker to cause a...

CVE-2018-5495

All StorageGRID Webscale versions are susceptible to a vulnerability which could permit an unauthenticated attacker to communicate with systems on the same network as the StorageGRID Webscale Admin Node via HTTP or to take over services on the Admin Node...

Code injection

All StorageGRID Webscale versions are susceptible to a vulnerability which could permit an unauthenticated attacker to communicate with systems on the same network as the StorageGRID Webscale Admin Node via HTTP or to take over services on the Admin Node...

CVE-2018-5495

All StorageGRID Webscale versions are susceptible to a vulnerability which could permit an unauthenticated attacker to communicate with systems on the same network as the StorageGRID Webscale Admin Node via HTTP or to take over services on the Admin Node...