@n8n/backend-test-utils (>=1.0.0 <=1.17.1) potentially affected by CVE-2026-42227 via @n8n/db (>=1.0.0-rc.0 <=1.17.1)

@n8n/db NPM version =1.0.0-rc.0, =1.0.0, =1.17.1 Source cves: CVE-2026-42227 Source advisory: SNYK:JS-N8NDB-16351626...

PT-2026-26306

The backend database management connection test feature in wgcloud v3.6.3 has a server-side request forgery SSRF vulnerability. This issue can be exploited to make the server send requests to probe the internal network, remotely download malicious files, and perform other dangerous operations...

PT-2026-26305

CVE-2026-30403 There is an arbitrary file read vulnerability in the test connection function of backend database management in wgcloud v3.6.3 and before, which can be used to read a… https://t.co/WiMRkDP1zD...

@n8n/backend-test-utils (=0.26.0), @n8n/db (=0.34.0) +2 more potentially affected by CVE-2026-25051 via n8n-core (=1.122.0)

n8n-core NPM version =1.122.0 is affected by a known vulnerability. The following packages have a transitive dependency on n8n-core and may be impacted: - @n8n/backend-test-utils =0.26.0 - @n8n/db =0.34.0 - @n8n/task-runner =1.59.0 - n8n-node-dev =1.121.0 Source cves: CVE-2026-25051 Source...