
10048 matches found

Positive Technologies
added 2026/02/06 12:0 a.m. | 4 views

PT-2026-6863

Vulnerability Description In the endpoint: /username/reponame/settings/hooks/git/:name the :name parameter: Is URL-decoded by macaron routing, allowing decoded slashes / Is then passed directly to: go git.Repository.Hook"custom hooks", name which internally resolves the path as: go...

CVSS 6.5 | AI score 5.5 | EPSS 0.00035
Exploits 1 | References 6

Positive Technologies
added 2026/02/06 12:0 a.m. | 7 views

PT-2026-6745

Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.13.4 Gogs versions 0.14.0+dev Description Gogs, a self-hosted Git service, is affected by a critical remote code execution RCE issue. This issue allows attackers to rewrite the .git/config file via an API, potentially...

CVSS 9.9 | AI score 6.3 | EPSS 0.00733
Exploits 44 | References 121

RedhatCVE
added 2026/02/05 7:23 p.m. | 3 views

CVE-2026-25053

n8n is an open source workflow automation platform. Prior to versions 1.123.10 and 2.5.0, vulnerabilities in the Git node allowed authenticated users with permission to create or modify workflows to execute arbitrary system commands or read arbitrary files on the n8n host. This issue has been...

CVSS 9.9 | AI score 5.8 | EPSS 0.00031
Exploits 0 | References 1

RedhatCVE
added 2026/02/05 12:1 p.m. | 3 views

CVE-2025-68119

A flaw was found in Golang's cmd/go module. This vulnerability allows a local attacker to achieve local code execution by downloading and building modules with specially crafted malicious version strings. On systems with Mercurial hg installed, this can occur when downloading modules from...

CVSS 7 | AI score 8.6 | EPSS 0.00018
Exploits 0 | References 7

Snyk
added 2026/02/04 6:38 p.m. | 2 views

Command Injection

Overview n8n-nodes-base is a Base nodes of n8n Affected versions of this package are vulnerable to Command Injection via the Git node. An attacker can execute arbitrary system commands or read arbitrary files on the host by creating or modifying workflows as an authenticated user with the necessa...

CVSS 9.9 | AI score 6.1 | EPSS 0.00031
Exploits 0 | References 2

Github Security Blog
added 2026/02/04 6:38 p.m. | 5 views

n8n has OS Command Injection in Git Node

Impact Vulnerabilities in the Git node allowed authenticated users with permission to create or modify workflows to execute arbitrary system commands or read arbitrary files on the n8n host. Patches The issue has been fixed in n8n versions 2.5.0, and 1.123.10. Users should upgrade to this version...

CVSS 9.9 | AI score 5.9 | EPSS 0.00031
Exploits 0 | References 3 | Affected Software 1

OSV
added 2026/02/04 6:38 p.m. | 4 views

GHSA-9G95-QF3F-GGRW n8n has OS Command Injection in Git Node

Impact Vulnerabilities in the Git node allowed authenticated users with permission to create or modify workflows to execute arbitrary system commands or read arbitrary files on the n8n host. Patches The issue has been fixed in n8n versions 2.5.0, and 1.123.10. Users should upgrade to this version...

CVSS 9.4 | AI score 5.9 | EPSS 0.00031
Exploits 0 | References 3

NVD
added 2026/02/04 5:16 p.m. | 3 views

CVE-2026-25053

n8n is an open source workflow automation platform. Prior to versions 1.123.10 and 2.5.0, vulnerabilities in the Git node allowed authenticated users with permission to create or modify workflows to execute arbitrary system commands or read arbitrary files on the n8n host. This issue has been...

CVSS 9.9 | EPSS 0.00031
Exploits 0 | References 1

EUVD
added 2026/02/04 4:47 p.m. | 3 views

EUVD-2026-5418

n8n is an open source workflow automation platform. Prior to versions 1.123.10 and 2.5.0, vulnerabilities in the Git node allowed authenticated users with permission to create or modify workflows to execute arbitrary system commands or read arbitrary files on the n8n host. This issue has been...

CVSS 9.9 | AI score 5.8 | EPSS 0.00031
Exploits 0 | References 1

CVE
added 2026/02/04 4:47 p.m. | 13 views

CVE-2026-25053

CVE-2026-25053 affects n8n's Git node, where authenticated users with workflow creation/modification permissions could execute arbitrary system commands or read arbitrary files on the n8n host. The issue is fixed in versions 1.123.10 and 2.5.0; users should upgrade to at least these releases. If ...

CVSS 9.9 | AI score 5.8 | EPSS 0.00031
Exploits 0 | References 1 | Affected Software 1

ATTACKERKB
added 2026/02/04 4:47 p.m. | 3 views

CVE-2026-25053

n8n is an open source workflow automation platform. Prior to versions 1.123.10 and 2.5.0, vulnerabilities in the Git node allowed authenticated users with permission to create or modify workflows to execute arbitrary system commands or read arbitrary files on the n8n host. This issue has been...

CVSS 9.4 | AI score 5.8 | EPSS 0.00031
Exploits 0 | References 2 | Affected Software 1

Vulnrichment
added 2026/02/04 4:47 p.m. | 2 views

CVE-2026-25053 n8n is Vulnerable to OS Command Injection in Git Node

n8n is an open source workflow automation platform. Prior to versions 1.123.10 and 2.5.0, vulnerabilities in the Git node allowed authenticated users with permission to create or modify workflows to execute arbitrary system commands or read arbitrary files on the n8n host. This issue has been...

CVSS 9.4 | AI score 5.8 | EPSS 0.00031
Exploits 0 | References 1

Cvelist
added 2026/02/04 4:47 p.m. | 22 views

CVE-2026-25053 n8n is Vulnerable to OS Command Injection in Git Node

n8n is an open source workflow automation platform. Prior to versions 1.123.10 and 2.5.0, vulnerabilities in the Git node allowed authenticated users with permission to create or modify workflows to execute arbitrary system commands or read arbitrary files on the n8n host. This issue has been...

CVSS 9.4 | EPSS 0.00031
Exploits 0 | References 1

OSV
added 2026/02/04 4:47 p.m. | 3 views

CVE-2026-25053 n8n is Vulnerable to OS Command Injection in Git Node

n8n is an open source workflow automation platform. Prior to versions 1.123.10 and 2.5.0, vulnerabilities in the Git node allowed authenticated users with permission to create or modify workflows to execute arbitrary system commands or read arbitrary files on the n8n host. This issue has been...

CVSS 9.4 | AI score 5.8 | EPSS 0.00031
Exploits 0 | References 3

CNNVD
added 2026/02/04 12:0 a.m. | 4 views

n8n operating system command injection vulnerability

n8n is an open-source, scalable workflow automation tool developed by n8n. Versions of n8n prior to 1.123.10 and 2.5.0 contained a vulnerability related to operating system command injection. This vulnerability stemmed from vulnerabilities in the Git node, potentially allowing for the execution o...

CVSS 9.9 | AI score 6.2 | EPSS 0.00031
Exploits 0 | References 2

Positive Technologies
added 2026/02/04 12:0 a.m. | 2 views

PT-2026-6262

Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.10 n8n versions prior to 2.5.0 Description n8n, an open source workflow automation platform, contains a flaw in the Git node. This allows authenticated users with create or modify permissions for workflows to execut...

CVSS 9.9 | AI score 6 | EPSS 0.00031
Exploits 0 | References 15

OpenVAS
added 2026/02/04 12:0 a.m. | 3 views

Ubuntu: Security Advisory (USN-7984-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 5.4 | EPSS 0.01959
Exploits 2 | References 2

Positive Technologies
added 2026/02/04 12:0 a.m. | 3 views

PT-2026-6403

Impact Vulnerabilities in the Git node allowed authenticated users with permission to create or modify workflows to execute arbitrary system commands or read arbitrary files on the n8n host. Patches The issue has been fixed in n8n versions 2.5.0, and 1.123.10. Users should upgrade to this version...

CVSS 9.9 | AI score 6 | EPSS 0.00031
Exploits 0 | References 4

Kaspersky
added 2026/02/02 12:0 a.m. | 2 views

KLA90931 OSI vulnerability in Git for Windows

Information disclosure vulnerability was found in Git for Windows. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories Git for Windows 2.53.0 Exploitation Related products Git-for-Windows CVE list CVE-2025-66413 high Solution Update to the latest...

CVSS 7.4 | AI score 5.8 | EPSS 0.00058
Exploits 1 | References 3

Oracle linux
added 2026/02/02 12:0 a.m. | 7 views

kernel security update

6.12.0-124.31.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

CVSS 7.8 | AI score 6 | EPSS 0.03752
Exploits 2