21 matches found
CVE-2026-27496
n8n is an open source workflow automation platform. Prior to versions 1.123.22, 2.9.3, and 2.10.1, an authenticated user with permission to create or modify workflows could use the JavaScript Task Runner to allocate uninitialized memory buffers. Uninitialized buffers may contain residual data fro...
CVE-2026-27496
n8n is an open source workflow automation platform. Prior to versions 1.123.22, 2.9.3, and 2.10.1, an authenticated user with permission to create or modify workflows could use the JavaScript Task Runner to allocate uninitialized memory buffers. Uninitialized buffers may contain residual data fro...
PT-2026-28072
n8n is an open source workflow automation platform. Prior to versions 1.123.22, 2.9.3, and 2.10.1, an authenticated user with permission to create or modify workflows could use the JavaScript Task Runner to allocate uninitialized memory buffers. Uninitialized buffers may contain residual data fro...
n8n 安全漏洞
n8n is an open-source, scalable workflow automation tool developed by n8n. Versions of n8n prior to 1.123.22, 2.9.3, and 2.10.1 contained security vulnerabilities. These vulnerabilities stemmed from the JavaScript Task Runner’s ability to allocate uninitialized memory buffers, which could lead to...
CVE-2026-27495
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On...
CVE-2026-27495
CVE-2026-27495 affects n8n, an open-source workflow automation platform. Before versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandb...
CVE-2026-27495 n8n has a Sandbox Escape in its JavaScript Task Runner
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On...
CVE-2026-27495 n8n has a Sandbox Escape in its JavaScript Task Runner
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On...
CVE-2026-27495 n8n has a Sandbox Escape in its JavaScript Task Runner
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On...
n8n has a Sandbox Escape in its JavaScript Task Runner
Impact An authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On instances using internal Task Runners default runner mode, this could result in full compromise...
EUVD-2026-8758
n8n has a Sandbox Escape in its JavaScript Task Runner...
GHSA-JJPJ-P2WH-QF23 n8n has a Sandbox Escape in its JavaScript Task Runner
Impact An authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On instances using internal Task Runners default runner mode, this could result in full compromise...
PT-2026-22030
Name of the Vulnerable Software and Affected Versions n8n versions prior to 2.10.1 n8n versions prior to 2.9.3 n8n versions prior to 1.123.22 Description n8n is an open source workflow automation platform. A flaw exists in the JavaScript Task Runner sandbox, potentially allowing an authenticated...
CVE-2025-0982
Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted JavaScript code executed by the Rhino engine. Effective January 24, 2025, Application Integration will no longer support Rhino as the JavaScript...
CVE-2025-0982
Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted JavaScript code executed by the Rhino engine. Effective January 24, 2025, Application Integration will no longer support Rhino as the JavaScript...
CVE-2025-0982
CVE-2025-0982 : Sandbox escape in Google Cloud Application Integration’s JavaScript Task (Rhino engine). The exploit would require crafted JavaScript code run by Rhino. Effective January 24, 2025, Rhino is no longer supported by Application Integration, and no further fix actions are needed. The ...
CVE-2025-0982 Sandbox Escape in Google Cloud Application Integration's JavaScript Task (Rhino Engine)
Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted JavaScript code executed by the Rhino engine. Effective January 24, 2025, Application Integration will no longer support Rhino as the JavaScript...
Google Cloud Platform 安全漏洞
Google Cloud Platform is a cloud computing platform from Google that provides services such as cloud computing, data storage, data analytics and machine learning. A security vulnerability exists in Google Cloud Platform, which stems from a sandbox escape in the JavaScript Task function that allow...
PT-2025-5810 · Google · Google Cloud Application Integration
Name of the Vulnerable Software and Affected Versions: Google Cloud Application Integration affected versions not specified Description: A sandbox escape issue in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted...
[ASA-202107-34] code: arbitrary code execution
Arch Linux Security Advisory ASA-202107-34 ========================================== Severity: Medium Date : 2021-07-20 CVE-ID : CVE-2021-31211 CVE-2021-31214 Package : code Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1963 Summary ======= The package co...