Lucene search
K

5 matches found

Cvelist
Cvelist
added 2026/06/23 3:31 p.m.36 views

CVE-2026-54313 n8n: NoSQL Injection in MongoDB Node Find And Replace Operation

n8n is an open source workflow automation platform. Prior to 2.24.0, an authenticated user with workflow edit access could supply a malicious filter value in the MongoDB node's Find And Replace operation. The value was not validated before being passed to MongoDB as a query filter, allowing...

6.5CVSS0.0026EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.15 views

PT-2026-50179

Name of the Vulnerable Software and Affected Versions n8n versions prior to 2.24.0 Description An authenticated user with workflow edit access can provide a malicious filter value within the MongoDB node's Find And Replace operation. Because the value is not validated before being used as a query...

7.7CVSS5.8AI score0.0026EPSS
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/05 5:10 p.m.5 views

Malicious code in redshift-darkenergy-mongodb-node-sass (npm)

The package redshift-darkenergy-mongodb-node-sass was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/09/05 5:10 p.m.4 views

MAL-2025-45779 Malicious code in redshift-darkenergy-mongodb-node-sass (npm)

The package redshift-darkenergy-mongodb-node-sass was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2023/08/29 4:15 p.m.1 views

DEBIAN-CVE-2021-32050

Some MongoDB Drivers may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain security-sensitive data when specific authentication-related commands are executed. Without due care, an application may...

7.5CVSS6.3AI score0.00492EPSS
Exploits0References1
Rows per page
Query Builder