11 matches found
ROOT-APP-NPM-CVE-2026-27795 CVE-2026-27795 in @rootio/langchain__community - Patched by Root
Root has patched CVE-2026-27795 in the @rootio/langchaincommunity package for Root:npm. Multiple fixed versions available...
CVE-2026-21893
n8n is an open source workflow automation platform. From version 0.187.0 to before 1.120.3, a command injection vulnerability was identified in n8n’s community package installation functionality. The issue allowed authenticated users with administrative permissions to execute arbitrary system...
CVE-2026-21893
n8n is an open source workflow automation platform. From version 0.187.0 to before 1.120.3, a command injection vulnerability was identified in n8n’s community package installation functionality. The issue allowed authenticated users with administrative permissions to execute arbitrary system...
GHSA-7C4H-VH2M-743M n8n Vulnerable to Command Injection in Community Package Installation
Impact A Command Injection vulnerability was identified in n8n’s community package installation functionality. The issue allowed authenticated users with administrative permissions to execute arbitrary system commands on the n8n host under specific conditions. Important context - Exploitation...
Command Injection
Overview n8n is a n8n Workflow Automation Tool Affected versions of this package are vulnerable to Command Injection in the community package installation functionality. An attacker can execute arbitrary system commands by supplying crafted input as an authenticated user with administrative...
CVE-2026-21893 n8n Vulnerable to Command Injection in Community Package Installation
n8n is an open source workflow automation platform. From version 0.187.0 to before 1.120.3, a command injection vulnerability was identified in n8n’s community package installation functionality. The issue allowed authenticated users with administrative permissions to execute arbitrary system...
CVE-2026-21893
Summary of CVE-2026-21893 (n8n): A command injection vulnerability existed in n8n’s community package installation functionality from versions 0.187.0 up to before 1.120.3, allowing authenticated users with administrative permissions to execute arbitrary system commands on the n8n host under cert...
EUVD-2026-5369
n8n is an open source workflow automation platform. From version 0.187.0 to before 1.120.3, a command injection vulnerability was identified in n8n’s community package installation functionality. The issue allowed authenticated users with administrative permissions to execute arbitrary system...
CVE-2026-21893 n8n Vulnerable to Command Injection in Community Package Installation
n8n is an open source workflow automation platform. From version 0.187.0 to before 1.120.3, a command injection vulnerability was identified in n8n’s community package installation functionality. The issue allowed authenticated users with administrative permissions to execute arbitrary system...
CVE-2026-21893 n8n Vulnerable to Command Injection in Community Package Installation
n8n is an open source workflow automation platform. From version 0.187.0 to before 1.120.3, a command injection vulnerability was identified in n8n’s community package installation functionality. The issue allowed authenticated users with administrative permissions to execute arbitrary system...
CVE-2025-2828
A Server-Side Request Forgery SSRF vulnerability exists in the RequestsToolkit component of the langchain-community package specifically, langchaincommunity.agenttoolkits.openapi.toolkit.RequestsToolkit in langchain-ai/langchain version 0.0.27. This vulnerability occurs because the toolkit does n...