
10 matches found

Snyk
added 2026/05/04 8:11 p.m., 7 views

Incorrect Authorization

Overview: Affected versions of this package are vulnerable to Incorrect Authorization in the JoinWorkflowSpec process. An attacker can gain unauthorized access to host networking, override service account assignments, modify pod security contexts, add tolerations, or enable service account token...

8.6 CVSS, 5.8 AI score, 0.00035 EPSS
Exploits: 1, References: 2
The Hacker News
added 2026/02/05 6:16 a.m., 17 views

Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

A new, critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in the execution of arbitrary system commands. The flaw, tracked as CVE-2026-25049 (CVSS score: 9.4), is the result of inadequate sanitization that bypasse...

9.9 CVSS, 7.9 AI score, 0.65759 EPSS
Exploits: 30
ATTACKERKB
added 2026/02/04 4:46 p.m., 1 view

CVE-2026-25049

n8n is an open source workflow automation platform. Prior to versions 1.123.17 and 2.5.2, an authenticated user with permission to create or modify workflows could abuse crafted expressions in workflow parameters to trigger unintended system command execution on the host running n8n. This issue h...

9.4 CVSS, 5.5 AI score, 0.00045 EPSS
Exploits: 0, References: 4, Affected Software: 1
RedhatCVE
added 2025/10/11 1:5 p.m., 2 views

CVE-2025-62239

Cross-site scripting (XSS) vulnerability in workflow process builder in Liferay Portal 7.4.3.21 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 21 through update 92 allows remote authenticated attackers to inject arbitrary web script or HT...

4.6 CVSS, 5.9 AI score, 0.00028 EPSS
Exploits: 0, References: 1
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2021-31887

Malicious code in bioql PyPI...

4.7 CVSS, 5 AI score, 0.00329 EPSS
Exploits: 0, References: 4
NVD
added 2021/12/16 5:15 a.m., 9 views

CVE-2021-45096

KNIME Analytics Platform before 4.5.0 is vulnerable to XXE (external XML entity injection) via a crafted workflow file (.knwf), aka AP-17730...

4.7 CVSS, 0.00329 EPSS
Exploits: 0, References: 4
OSV
added 2021/12/16 5:15 a.m., 1 view

CVE-2021-45096

KNIME Analytics Platform before 4.5.0 is vulnerable to XXE (external XML entity injection) via a crafted workflow file (.knwf), aka AP-17730...

4.3 CVSS, 5.8 AI score
Exploits: 0, References: 4
Cvelist
added 2021/12/16 12:0 a.m., 10 views

CVE-2021-45096

KNIME Analytics Platform before 4.5.0 is vulnerable to XXE (external XML entity injection) via a crafted workflow file (.knwf), aka AP-17730...

4.7 CVSS, 5 AI score, 0.00329 EPSS
Exploits: 0, References: 4
CNNVD
added 2021/12/16 12:0 a.m., 1 view

Knime Analytics Platform Code Issue Vulnerability

Knime Analytics Platform is a free open source data analysis, reporting and integration platform from the Swiss company Knime. KNIME Analytics Platform versions prior to 4.5.0 contain a code issue vulnerability that can be exploited by attackers to conduct XXE attacks via crafted workflow files...

4.7 CVSS, 5.7 AI score, 0.00329 EPSS
Exploits: 0, References: 5
PyPA
added 2020/06/15 3:15 p.m., 5 views

PYSEC-2020-240

A Denial of Service (DoS) condition is possible in OpenStack Mistral in versions up to and including 7.0.3. Submitting a specially crafted workflow definition YAML file containing nested anchors can lead to resource exhaustion culminating in a denial of service...

6.5 CVSS, 6.6 AI score, 0.00286 EPSS
Exploits: 0, References: 2, Affected Software: 1