
146 matches found

GithubExploit
added 2025/12/25 8:1 p.m. | 261 views

Exploit for CVE-2025-68613

n8n Authenticated Expression Injection RCE – CVE-2025-68613...

CVSS 9.9 | AI score 7.9 | EPSS 0.97875
Exploits: 29
Tenable Nessus
added 2025/12/23 12:0 a.m. | 6 views

n8n Node.js Package 0.211.0 < 1.120.4 / 1.121.0 Remote Code Execution via Expression Injection (CVE-2025-68613)

The version of the n8n Node.js Package installed on the remote host is 0.211.0 prior to 1.120.4, or 1.121.0. It is, therefore, affected by a remote code execution via expression injection vulnerability: - n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior...

CVSS 9.9 | AI score 8.3 | EPSS 0.97875
Exploits: 29 | References: 2
Github Security Blog
added 2025/12/22 4:19 p.m. | 17 views

n8n Vulnerable to Remote Code Execution via Expression Injection

Impact: n8n contains a critical Remote Code Execution (RCE) vulnerability in its workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from...

CVSS 9.9 | AI score 8.2 | EPSS 0.97875
Exploits: 29 | References: 8 | Affected Software: 1
Vulnrichment
added 2025/12/19 10:23 p.m. | 5 views

CVE-2025-68613 n8n Vulnerable to Remote Code Execution via Expression Injection

n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulnerability in their workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated...

CVSS 9.9 | AI score 7.5 | EPSS 0.97875
Exploits: 29 | References: 4
OSV
added 2025/12/19 10:23 p.m. | 7 views

CVE-2025-68613 n8n Vulnerable to Remote Code Execution via Expression Injection

n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulnerability in their workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated...

CVSS 9.9 | AI score 7.8 | EPSS 0.97875
Exploits: 29 | References: 8
CNNVD
added 2025/12/01 12:0 a.m. | 7 views

Grav security vulnerability

Grav is an extensible CMS (Content Management System) for personal blogs, small content publishing platforms and one-page product presentations. Grav suffers from a code execution vulnerability that stems from malicious Twig expression injection, which can be exploited by an attacker to cause...

CVSS 8.8 | AI score 8.7 | EPSS 0.00685
Exploits: 1 | References: 3
EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2020-28321

Malware in sbrugna...

CVSS 9 | AI score 8.6 | EPSS 0.03213
Exploits: 0 | References: 2
EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2017-14351

Malware in sbrugna...

CVSS 4.3 | AI score 4.8 | EPSS 0.00599
Exploits: 0 | References: 4
EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2020-28302

Malware in sbrugna...

CVSS 10 | AI score 9.2 | EPSS 0.06707
Exploits: 0 | References: 2
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2020-28275

Malware in sbrugna...

CVSS 10 | AI score 9.2 | EPSS 0.06707
Exploits: 0 | References: 2
EUVD
added 2025/10/03 8:7 p.m. | 15 views

EUVD-2021-32236

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.6 | EPSS 0.01874
Exploits: 1 | References: 3
EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2024-19270

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 9.1 | EPSS 0.01226
Exploits: 1 | References: 5
EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2022-37421

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.5 | EPSS 0.00602
Exploits: 0 | References: 1
RedhatCVE
added 2025/08/18 10:3 p.m. | 9 views

CVE-2025-53192

An expression injection flaw has been discovered in the Apache Commons OGNL library. When using the API Ognl.getValue, the OGNL engine parses and evaluates the provided expression with powerful capabilities, including accessing and invoking related methods. Although OgnlRuntime attempts to...

CVSS 8.8 | AI score 7.2 | EPSS 0.0052
Exploits: 0 | References: 4
Cvelist
added 2025/08/18 8:9 p.m. | 26 views

CVE-2025-53192 Apache Commons OGNL: Expression Injection leading to RCE

UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Expression/Command Delimiters vulnerability in Apache Commons OGNL. This issue affects Apache Commons OGNL: all versions. When using the API Ognl.getValue, the OGNL engine parses and evaluates the provided expression with powerful capabilities...

EPSS 0.0052
Exploits: 0 | References: 1
Vulnrichment
added 2025/08/18 8:9 p.m. | 5 views

CVE-2025-53192 Apache Commons OGNL: Expression Injection leading to RCE

UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Expression/Command Delimiters vulnerability in Apache Commons OGNL. This issue affects Apache Commons OGNL: all versions. When using the API Ognl.getValue, the OGNL engine parses and evaluates the provided expression with powerful capabilities...

AI score 7.7 | EPSS 0.0052
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/23 9:30 a.m. | 19 views

CVE-2024-37759

DataGear v5.0.0 and earlier was discovered to contain a SpEL (Spring Expression Language) expression injection vulnerability via the Data Viewing interface...

CVSS 9.8 | AI score 7.7 | EPSS 0.0282
Exploits: 2 | References: 1
RedhatCVE
added 2025/05/23 6:1 a.m. | 4 views

CVE-2023-28430

OneSignal is an email, sms, push notification, and in-app message service for mobile apps. The Zapier.yml workflow is triggered on issues types: closed i.e., when an Issue is closed. The workflow starts with full write-permissions GitHub repository token since the default workflow permissions on...

CVSS 8.1 | AI score 7.1 | EPSS 0.00905
Exploits: 1 | References: 1
RedhatCVE
added 2025/05/23 1:23 a.m. | 6 views

CVE-2022-34466

A vulnerability has been identified in Mendix Applications using Mendix 9 All versions = V9.11 V9.15, Mendix Applications using Mendix 9 V9.12 All versions V9.12.3. An expression injection vulnerability was discovered in the Workflow subsystem of Mendix Runtime, that can affect the running...

CVSS 6.5 | AI score 6.5 | EPSS 0.00602
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 7:10 p.m. | 7 views

CVE-2021-21479

In SCIMono before 0.0.19, it is possible for an attacker to inject and execute a Java expression, compromising the availability and integrity of the system...

CVSS 9.1 | AI score 7 | EPSS 0.09993
Exploits: 0 | References: 1