4 matches found
CVE-2026-56351
n8n before version 2.4.0 contains a sql injection vulnerability in MySQL, PostgreSQL, and Microsoft SQL nodes that allows authenticated users to inject arbitrary SQL through unescaped identifier values in node configuration parameters. Attackers with workflow creation permissions can supply...
CVE-2026-25051
creationtimestamp| type| source ---|---|--- 2026-02-05 08:08:06+00:00| seen| https://www.acn.gov.it/portale/w/rilevate-vulnerabilita-in-n8n-1...
n8n 访问控制错误漏洞
n8n is a scalable workflow automation tool from n8n open source. An access control error vulnerability exists in n8n versions 1.36.0 through prior to 2.2.0, which stems from the IP whitelist validation of the Webhook node performing partial string matches instead of exact IP comparisons, which...
n8n 安全漏洞
n8n is a scalable workflow automation tool from n8n open source. A security vulnerability exists in versions prior to n8n 1.113.0 that originates when the Git Node component triggers execution when cloning remote repositories containing pre-commit hooks, which could lead to remote code execution...