n8n-MCP: Workflow telemetry sanitizer could retain partial values from URL-shaped node parameters

Summary In affected versions of n8n-mcp, the workflow telemetry sanitizer could retain partial fragments of URL-shaped node parameters before sending workflow data to the project's anonymous telemetry backend. Values placed in HTTP-Request-style node parameters — such as customer or tenant...

GHSA-F3RG-XQJJ-CJ9W n8n-MCP: Workflow telemetry sanitizer could retain partial values from URL-shaped node parameters

Summary In affected versions of n8n-mcp, the workflow telemetry sanitizer could retain partial fragments of URL-shaped node parameters before sending workflow data to the project's anonymous telemetry backend. Values placed in HTTP-Request-style node parameters — such as customer or tenant...

Insertion of Sensitive Information Into Sent Data

Overview n8n-mcp is an Integration between n8n workflow automation and Model Context Protocol MCP Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data in the telemetry sanitization process in event-validator.ts. An operator with access to the...

PT-2026-41690

Name of the Vulnerable Software and Affected Versions n8n-MCP versions prior to 2.51.3 Description The workflow telemetry sanitizer may retain partial fragments of URL-shaped node parameters before transmitting workflow data to the anonymous telemetry backend. This allows values within...

Security fix for the ALT Linux 10 package thunderbird version 91.3.0-alt1

91.3.0-alt1 built Nov. 10, 2021 Andrey Cherepanov in task 288818 Nov. 3, 2021 Andrey Cherepanov - New version. - Security fixes: + CVE-2021-38503 iframe sandbox rules did not apply to XSLT stylesheets + CVE-2021-38504 Use-after-free in file picker dialog + CVE-2021-38505 Windows 10 Cloud Clipboar...