15 matches found
CVE-2026-27496
n8n is an open source workflow automation platform. Prior to versions 1.123.22, 2.9.3, and 2.10.1, an authenticated user with permission to create or modify workflows could use the JavaScript Task Runner to allocate uninitialized memory buffers. Uninitialized buffers may contain residual data fro...
CVE-2026-27496
n8n is an open source workflow automation platform. Prior to versions 1.123.22, 2.9.3, and 2.10.1, an authenticated user with permission to create or modify workflows could use the JavaScript Task Runner to allocate uninitialized memory buffers. Uninitialized buffers may contain residual data fro...
n8n 安全漏洞
n8n is an open-source, scalable workflow automation tool developed by n8n. Versions of n8n prior to 1.123.22, 2.9.3, and 2.10.1 contained security vulnerabilities. These vulnerabilities stemmed from the JavaScript Task Runner’s ability to allocate uninitialized memory buffers, which could lead to...
PT-2026-28072
n8n is an open source workflow automation platform. Prior to versions 1.123.22, 2.9.3, and 2.10.1, an authenticated user with permission to create or modify workflows could use the JavaScript Task Runner to allocate uninitialized memory buffers. Uninitialized buffers may contain residual data fro...
CVE-2026-27495
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On...
CVE-2026-27495 n8n has a Sandbox Escape in its JavaScript Task Runner
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On...
CVE-2026-27495 n8n has a Sandbox Escape in its JavaScript Task Runner
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On...
CVE-2026-27495
CVE-2026-27495 affects n8n, an open-source workflow automation platform. Before versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandb...
CVE-2026-27495 n8n has a Sandbox Escape in its JavaScript Task Runner
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On...
n8n has a Sandbox Escape in its JavaScript Task Runner
Impact An authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On instances using internal Task Runners default runner mode, this could result in full compromise...
EUVD-2026-8758
n8n has a Sandbox Escape in its JavaScript Task Runner...
GHSA-JJPJ-P2WH-QF23 n8n has a Sandbox Escape in its JavaScript Task Runner
Impact An authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On instances using internal Task Runners default runner mode, this could result in full compromise...
PT-2026-22030
Name of the Vulnerable Software and Affected Versions n8n versions prior to 2.10.1 n8n versions prior to 2.9.3 n8n versions prior to 1.123.22 Description n8n is an open source workflow automation platform. A flaw exists in the JavaScript Task Runner sandbox, potentially allowing an authenticated...
[ASA-202107-34] code: arbitrary code execution
Arch Linux Security Advisory ASA-202107-34 ========================================== Severity: Medium Date : 2021-07-20 CVE-ID : CVE-2021-31211 CVE-2021-31214 Package : code Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1963 Summary ======= The package co...
USN-4595-1: Grunt vulnerability
It was discovered that Grunt did not properly load yaml files. An attacker could possibly use this to execute arbitrary code. CVE-2020-7729...