Lucene search
+L

173 matches found

EUVD
EUVD
added 3 days ago6 views

EUVD-2026-44624

n8n before version 2.10.0 contains an input validation vulnerability in the Guardrail node that allows attackers to bypass default guardrail instructions. End users can craft malicious inputs to circumvent guardrail protections and compromise workflow integrity...

6.3CVSS6.1AI score0.00344EPSS
Exploits0References2
NVD
NVD
added 2026/07/10 3:16 p.m.8 views

CVE-2026-58661

n8n before 2.28.0 and before 1.123.58 on the 1.x branch contains a disk space exhaustion vulnerability in the data-table file upload endpoint. The per-request quota check does not account for files already written to the shared temporary directory, allowing an authenticated user to repeatedly...

5.3CVSS0.00225EPSS
Exploits0References2
NVD
NVD
added 2026/07/09 4:16 p.m.10 views

CVE-2026-59208

n8n is an open source workflow automation platform. Prior to 2.27.4 and from 2.28.0 prior to 2.28.1, n8n instances configured with more than one trusted token-exchange issuer resolved external identities to local accounts using only the JWT sub claim and ignored the iss claim, allowing an attacke...

7.6CVSS0.00143EPSS
Exploits0References3
OSV
OSV
added 2026/07/09 3:32 p.m.2 views

CVE-2026-59209 n8n: Shared Credential Header Leak via HTTP Request Pagination Expression

n8n is an open source workflow automation platform. Prior to 1.123.61, 2.27.4, and, 2.28.1, an authenticated member with use-only editor access to a shared workflow could read credential-populated headers exposed via the $request object inside an HTTP Request node's pagination expression and...

7.1CVSS6.1AI score0.00294EPSS
Exploits0References5
NVD
NVD
added 2026/07/08 2:17 p.m.8 views

CVE-2026-56360

n8n before versions 1.123.18 and 2.6.2 fails to verify HMAC-SHA256 signatures on Zendesk webhooks in the ZendeskTrigger node. Attackers who know the webhook URL can send unsigned POST requests to trigger workflows with arbitrary malicious data...

6.3CVSS0.00186EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/08 1:49 p.m.7 views

EUVD-2026-42264

n8n before 2.25.7 and 2.26.x before 2.26.2 contains an authorization bypass in the Public API execution retry endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a shared workflow can use the Public API to ret...

6.4CVSS6.1AI score0.00174EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/08 1:49 p.m.33 views

CVE-2026-56776 n8n - Incorrect OAuth Scope Validation in Workflow Test Run Endpoint

n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization bypass in the POST /workflows/workflowId/test-runs/new endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a workflow can trigger a real...

7.4CVSS0.00161EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/08 1:49 p.m.5 views

EUVD-2026-42257

n8n before 2.8.0 contains a cross-site scripting vulnerability in the credential management flow where authenticated users can inject malicious JavaScript URLs into OAuth2 credential Authorization URL fields. Attackers can craft malicious credentials and trick victims into clicking the OAuth...

5.4CVSS5.9AI score0.00141EPSS
Exploits0References2
NVD
NVD
added 2026/06/23 5:17 p.m.14 views

CVE-2026-54308

n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, the MicrosoftAgent365Trigger and StripeTrigger node did not validate that inbound requests. As a result, an unauthenticated attacker who knows the webhook URL could submit a forged payload and cause the workflow to...

7.2CVSS0.00276EPSS
Exploits0References1
NVD
NVD
added 2026/06/23 5:17 p.m.13 views

CVE-2026-54307

n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, a member-level user with editor access to a shared workflow could reference credentials they do not own via specific public API endpoints. Credential ownership checks were only enforced partially leading to...

9.6CVSS0.00315EPSS
Exploits0References1
NVD
NVD
added 2026/06/23 5:17 p.m.9 views

CVE-2026-54302

n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, an authenticated user with workflow edit access could inject arbitrary JavaScript into the Chat Trigger's generated page by setting a malicious webhookId. When a logged-in user visited the chat URL, the...

7CVSS0.0021EPSS
Exploits0References1
NVD
NVD
added 2026/06/23 4:17 p.m.11 views

CVE-2026-54311

n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, an authenticated user with permission to create or modify workflows could pollute the sandbox used by the Merge node's SQL Query mode. Because the sandbox context was cached and reused across all workflow executions o...

7.7CVSS0.00316EPSS
Exploits0References1
NVD
NVD
added 2026/06/23 4:17 p.m.11 views

CVE-2026-54312

n8n is an open source workflow automation platform. Prior to 2.24.0, an authenticated user with permission to create or modify workflows could achieve global prototype pollution via the Microsoft SQL node by supplying a crafted value as the table parameter. This pollutes Object.prototype...

8.5CVSS0.00294EPSS
Exploits0References1
OSV
OSV
added 2026/06/23 3:53 p.m.3 views

CVE-2026-44790 n8n: Arbitrary File Read via Git Node

n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with permission to create or modify workflows could inject CLI flags on the Git node's Push operation allowing an attacker to read arbitrary files from the n8n server potentially leadi...

9.4CVSS6.2AI score0.00632EPSS
Exploits0References3
OSV
OSV
added 2026/06/23 3:45 p.m.5 views

CVE-2026-54305 n8n: Cross-Tenant Credential Takeover via Dynamic Credentials EE Endpoints

n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, three EE endpoints used by the Dynamic Credentials feature accepted any authenticated n8n session without performing per-resource ownership or scope checks on the target workflow or credential. An...

8.9CVSS6AI score0.00343EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/23 3:43 p.m.47 views

CVE-2026-54306 n8n: Prototype Pollution enables confused-deputy execution via public webhooks

n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, a prototype pollution vulnerability allowed a crafted public webhook payload to inject attacker-controlled fields into workflow data during internal object copying. These fields could be surfaced and consumed as norma...

6.3CVSS0.00259EPSS
Exploits0References1
OSV
OSV
added 2026/06/23 3:43 p.m.3 views

CVE-2026-54306 n8n: Prototype Pollution enables confused-deputy execution via public webhooks

n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, a prototype pollution vulnerability allowed a crafted public webhook payload to inject attacker-controlled fields into workflow data during internal object copying. These fields could be surfaced and consumed as norma...

6.3CVSS5.9AI score0.00259EPSS
Exploits0References3
OSV
OSV
added 2026/06/23 3:36 p.m.3 views

CVE-2026-54309 n8n: n8n MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control Sessions

n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, when @n8n/mcp-browser is run in HTTP transport mode, the MCP endpoint accepts session initialization and tool invocation requests without any authentication. Any network-reachable client, or any website visited by the...

8.8CVSS6AI score0.00403EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/22 9:4 p.m.33 views

CVE-2026-56357 n8n - Webhook Forgery via Missing HMAC-SHA256 Signature Verification in GitHub Webhook Trigger

n8n before 1.123.15 and 2.5.0 contains a webhook forgery vulnerability in the GitHub Webhook Trigger node that fails to implement HMAC-SHA256 signature verification. Attackers who know the webhook URL can send unsigned POST requests to trigger workflows with arbitrary data, spoofing GitHub webhoo...

6.3CVSS0.00186EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/22 9:4 p.m.12 views

EUVD-2026-38377

n8n before 1.123.15 and 2.5.0 contains a webhook forgery vulnerability in the GitHub Webhook Trigger node that fails to implement HMAC-SHA256 signature verification. Attackers who know the webhook URL can send unsigned POST requests to trigger workflows with arbitrary data, spoofing GitHub webhoo...

6.3CVSS6AI score0.00186EPSS
Exploits0References2
Rows per page
Query Builder