n8n Node.js Package < 1.123.9 / 2.x < 2.2.1 Stored XSS (CVE-2026-25054)

The version of the n8n Node.js Package installed on the remote host is prior to 1.123.9, or 2.x prior to 2.2.1. It is, therefore, affected by a stored cross-site scripting vulnerability: - A cross-site scripting XSS vulnerability existed in a markdown rendering component used in n8n's interface,...

PT-2021-24204 · Knime · Knime Analytics Platform

Name of the Vulnerable Software and Affected Versions: KNIME Analytics Platform versions prior to 4.5.0 Description: The issue concerns an external XML entity injection XXE vulnerability. It can be exploited via a crafted workflow file .knwf. Recommendations: For versions prior to 4.5.0, update t...