9 matches found
GHSA-FXCW-H3QJ-8M8P n8n Has External Secrets Authorization Bypass in Credential Saving
Impact An authenticated user without permission to list external secrets could reference a secret by the external name in a credential and retrieve its plaintext value when saving the credential. This bypassed the externalSecret:list permission check and allowed access to secrets stored in...
Incorrect Authorization
Overview n8n is a n8n Workflow Automation Tool Affected versions of this package are vulnerable to Incorrect Authorization when saving credentials. An authenticated user can access plaintext values of secrets stored in external vaults by referencing a secret's external name in a credential,...
n8n Has External Secrets Authorization Bypass in Credential Saving
Impact An authenticated user without permission to list external secrets could reference a secret by the external name in a credential and retrieve its plaintext value when saving the credential. This bypassed the externalSecret:list permission check and allowed access to secrets stored in...
CVE-2026-33722 n8n Has External Secrets Authorization Bypass in Credential Saving
n8n is an open source workflow automation platform. Prior to versions 2.6.4 and 1.123.23, an authenticated user without permission to list external secrets could reference a secret by the external name in a credential and retrieve its plaintext value when saving the credential. This bypassed the...
CVE-2026-33722
CVE-2026-33722 (n8n) : An authenticated-but-low-privilege user could bypass the external secret list permission by referencing a secret by its external name in a credential, gaining plaintext access to secrets in connected vaults. The issue requires an instance with an external secrets vault conf...
CVE-2026-33722 n8n Has External Secrets Authorization Bypass in Credential Saving
n8n is an open source workflow automation platform. Prior to versions 2.6.4 and 1.123.23, an authenticated user without permission to list external secrets could reference a secret by the external name in a credential and retrieve its plaintext value when saving the credential. This bypassed the...
CVE-2026-33722 n8n Has External Secrets Authorization Bypass in Credential Saving
n8n is an open source workflow automation platform. Prior to versions 2.6.4 and 1.123.23, an authenticated user without permission to list external secrets could reference a secret by the external name in a credential and retrieve its plaintext value when saving the credential. This bypassed the...
CVE-2005-0921
Microsoft Outlook 2002 Connector for IBM Lotus Domino 2.0 allows local users to save passwords and login credentials locally, even when password caching is disabled by a group policy...
Internet Explorer help
None None...