n8n Node.js Package < 1.123.32 / 2.x < 2.17.4 / 2.18.x < 2.18.1 XML Node Prototype Pollution RCE (GHSA-hqr4-h3xv-9m3r)

The version of the n8n Node.js Package installed on the remote host is prior to 1.123.32, 2.x prior to 2.17.4, or 2.18.x prior to 2.18.1. It is, therefore, affected by a remote code execution vulnerability: - An authorized user with workflow creation or modification capabilities can exploit...

n8n Node.js Package < 1.121.0 Domain Allowlist Bypass / Credential Exfiltration (CVE-2026-25631)

The version of the n8n Node.js Package installed on the remote host is prior to 1.121.0. It is, therefore, affected by a credential exfiltration vulnerability: - A vulnerability in the HTTP Request node's credential domain validation allows an authenticated attacker to send requests with...

n8n Node.js Package 2.x < 2.4.8 Python Sandbox Escape (CVE-2026-25115)

The version of the n8n Node.js Package installed on the remote host is 2.x prior to 2.4.8. It is, therefore, affected by a remote code execution vulnerability: - A vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code...

MAL-2026-540 Malicious code in n8n-nodes-xkwqpzrt-jmflhvbn-dsyocgxwmkelpt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9aa71b86b24db0a3a609b749d0b80b7868fa8adac9950d7898460f643ecf14c The package n8n-nodes-xkwqpzrt-jmflhvbn-dsyocgxwmkelpt was found to contain malicious code. Source: ghsa-malware...

EUVD-2026-1822

Malicious code in n8n-nodes-vbmkajdsa-uehfitvv-ueqjhhhksdlkkmz npm...

MAL-2025-191399 Malicious code in n8n-nodes-viral-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b674c80512825238bef8f46f867856034796bf31343fa3c9e20f4b74e9b6da8f The package n8n-nodes-viral-app was found to contain malicious code. Source: google-open-source-security...