146 matches found
Exploit for CVE-2025-68613
n8n Authenticated Expression Injection RCE – CVE-2025-68613...
n8n Node.js Package 0.211.0 < 1.120.4 / 1.121.0 Remote Code Execution via Expression Injection (CVE-2025-68613)
The version of the n8n Node.js Package installed on the remote host is 0.211.0 prior to 1.120.4, or 1.121.0. It is, therefore, affected by a remote code execution vis expression injection vulnerability: - n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior...
n8n Vulnerable to Remote Code Execution via Expression Injection
Impact n8n contains a critical Remote Code Execution RCE vulnerability in its workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from...
CVE-2025-68613 n8n Vulnerable to Remote Code Execution via Expression Injection
n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution RCE vulnerability in their workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated...
CVE-2025-68613 n8n Vulnerable to Remote Code Execution via Expression Injection
n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution RCE vulnerability in their workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated...
Grav 安全漏洞
Grav is an extensible CMS Content Management System for personal blogs, small content publishing platforms and one-page product presentations. Grav suffers from a code execution vulnerability that stems from malicious Twig expression injection, which can be exploited by an attacker to cause...
EUVD-2020-28321
Malware in sbrugna...
EUVD-2017-14351
Malware in sbrugna...
EUVD-2020-28302
Malware in sbrugna...
EUVD-2020-28275
Malware in sbrugna...
EUVD-2021-32236
Malicious code in bioql PyPI...
EUVD-2024-19270
Malicious code in bioql PyPI...
EUVD-2022-37421
Malicious code in bioql PyPI...
CVE-2025-53192
An expression injection flaw has been discovered in the Apache Commons OGNL library. When using the API Ognl.getValue, the OGNL engine parses and evaluates the provided expression with powerful capabilities, including accessing and invoking related methods. Although OgnlRuntime attempts to...
CVE-2025-53192 Apache Commons OGNL: Expression Injection leading to RCE
UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Expression/Command Delimiters vulnerability in Apache Commons OGNL. This issue affects Apache Commons OGNL: all versions. When using the API Ognl.getValue, the OGNL engine parses and evaluates the provided expression with powerful capabilities...
CVE-2025-53192 Apache Commons OGNL: Expression Injection leading to RCE
UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Expression/Command Delimiters vulnerability in Apache Commons OGNL. This issue affects Apache Commons OGNL: all versions. When using the API Ognl.getValue, the OGNL engine parses and evaluates the provided expression with powerful capabilities...
CVE-2024-37759
DataGear v5.0.0 and earlier was discovered to contain a SpEL Spring Expression Language expression injection vulnerability via the Data Viewing interface...
CVE-2023-28430
OneSignal is an email, sms, push notification, and in-app message service for mobile apps.The Zapier.yml workflow is triggered on issues types: closed i.e., when an Issue is closed. The workflow starts with full write-permissions GitHub repository token since the default workflow permissions on...
CVE-2022-34466
A vulnerability has been identified in Mendix Applications using Mendix 9 All versions = V9.11 V9.15, Mendix Applications using Mendix 9 V9.12 All versions V9.12.3. An expression injection vulnerability was discovered in the Workflow subsystem of Mendix Runtime, that can affect the running...
CVE-2021-21479
In SCIMono before 0.0.19, it is possible for an attacker to inject and execute java expression compromising the availability and integrity of the system...