n8n Unsafe Workflow Expression Evaluation Allows Remote Code Execution

n8n contains a critical Remote Code Execution RCE vulnerability in its workflow Expression evaluation system. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An...

CVE-2026-1470

n8n contains a critical Remote Code Execution RCE vulnerability in its workflow Expression evaluation system. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An...

Eval Injection

Overview n8n-workflow is a Workflow base code of n8n Affected versions of this package are vulnerable to Eval Injection during the Expression evaluation workflow. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not...

CVE-2026-1470

CVE-2026-1470 affects n8n: a critical Remote Code Execution in the workflow Expression evaluation system where expressions from authenticated users are evaluated in a runtime context that isn’t sufficiently isolated. This allows an authenticated attacker to execute arbitrary code with the n8n pro...

CVE-2026-1470 Authenticated users can bypass the Expression sandbox mechanism to achieve full remote code execution on n8n’s main node.

n8n contains a critical Remote Code Execution RCE vulnerability in its workflow Expression evaluation system. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An...

EUVD-2026-4839

n8n contains a critical Remote Code Execution RCE vulnerability in its workflow Expression evaluation system. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An...

CVE-2026-1470 Authenticated users can bypass the Expression sandbox mechanism to achieve full remote code execution on n8n’s main node.

n8n contains a critical Remote Code Execution RCE vulnerability in its workflow Expression evaluation system. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An...

n8n security vulnerabilities

n8n is an open-source, scalable workflow automation tool developed by n8n. n8n has a security vulnerability, which stems from insufficient isolation of the workflow expression evaluation system. This vulnerability could lead to remote code execution...

Burp Suite 2025.12.4 Extension Advanced ReDoS Detector

This Burp Suite Java extension integrates an advanced timing-based ReDoS detection engine into Burp's Active Scanner. It automatically tests HTTP parameters using crafted payloads to identify exponential regex backtracking vulnerabilities. The extension performs warm-up requests, collects baselin...

Spring Framework DoS (CVE-2024-38808, CVE-2024-38809 and CVE-2024-22262)

The Spring Framework vulnerabilities identified are located within open source components utilized by Brocade SANnav, however none of these vulnerabilities are in the executable code path. As a part of good security practice, the open source component was updated in the Brocade SANnav 3.0.0...

CVE-2026-23956

seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 0.2.0 through 1.4.0, overriding RegExp serialization with extremely large patterns can exhaust JavaScript runtime memory during deserialization. Additionally, overriding RegE...

CVE-2026-23956 seroval affected by Denial of Service via RegExp serialization

seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 0.2.0 through 1.4.0, overriding RegExp serialization with extremely large patterns can exhaust JavaScript runtime memory during deserialization. Additionally, overriding RegE...

CVE-2026-23956 seroval affected by Denial of Service via RegExp serialization

seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0 and below, overriding RegExp serialization with extremely large patterns can exhaust JavaScript runtime memory during deserialization. Additionally, overriding RegExp...

CVE-2026-23956

CVE-2026-23956 concerns the seroval JavaScript value-stringification library. A flaw in RegExp serialization during deserialization allows memory exhaustion and, in some cases, Regular Expression Denial of Service (ReDoS). Affected versions are 1.4.0 and below; the issue is fixed in 1.4.1. Public...

Azure Linux 3.0 Security Update: keda (CVE-2021-42836)

The version of keda installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-42836 advisory. - GJSON before 1.9.3 allows a ReDoS regular expression denial of service attack. CVE-2021-42836 Note that Nessus...

CVE-2026-23990

The Flux Operator is a Kubernetes CRD controller that manages the lifecycle of CNCF Flux CD and the ControlPlane enterprise distribution. Starting in version 0.36.0 and prior to version 0.40.0, a privilege escalation vulnerability exists in the Flux Operator Web UI authentication code that allows...

GHSA-4XH5-JCJ2-CH8Q Flux Operator Web UI Impersonation Bypass via Empty OIDC Claims

A privilege escalation vulnerability exists in the Flux Operator Web UI authentication code that allows an attacker to bypass Kubernetes RBAC impersonation and execute API requests with the operator's service account privileges. After OIDC token claims are processed through CEL expressions, there...

Regular Expression Denial of Service (ReDoS)

Overview org.webjars.npm:seroval is a Stringify JS values Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the RegExp serialization process. An attacker can cause the exhaustion of JavaScript runtime memory or trigger catastrophic backtracking by...

seroval affected by Denial of Service via RegExp serialization

Overriding RegExp serialization with extremely large patterns can exhaust JavaScript runtime memory during deserialization. Additionally, overriding RegExp serialization with patterns that trigger catastrophic backtracking can lead to ReDoS Regular Expression Denial of Service. Mitigation: Serova...

GHSA-HX9M-JF43-8FFR seroval affected by Denial of Service via RegExp serialization

Overriding RegExp serialization with extremely large patterns can exhaust JavaScript runtime memory during deserialization. Additionally, overriding RegExp serialization with patterns that trigger catastrophic backtracking can lead to ReDoS Regular Expression Denial of Service. Mitigation: Serova...