252660 matches found
srvx is vulnerable to middleware bypass via absolute URI in request line
Summary A pathname parsing discrepancy in srvx's FastURL allows middleware bypass on the Node.js adapter when a raw HTTP request uses an absolute URI with a non-standard scheme e.g. file://. Details When Node.js receives an absolute URI in the request line e.g. GET file://hehe?/internal/run...
EUVD-2026-16503
Cilium L7 proxy may bypass Kubernetes NetworkPolicy for same-node traffic...
Cilium L7 proxy may bypass Kubernetes NetworkPolicy for same-node traffic
Impact Ingress Network Policies are not enforced for traffic from pods to L7 Services Envoy, GAMMA with a local backend on the same node, when Per-Endpoint Routing is enabled and BPF Host Routing is disabled. Per-Endpoint Routing is disabled by default, but is automatically enabled in deployments...
GHSA-HXV8-4J4R-CQGV Cilium L7 proxy may bypass Kubernetes NetworkPolicy for same-node traffic
Impact Ingress Network Policies are not enforced for traffic from pods to L7 Services Envoy, GAMMA with a local backend on the same node, when Per-Endpoint Routing is enabled and BPF Host Routing is disabled. Per-Endpoint Routing is disabled by default, but is automatically enabled in deployments...
EUVD-2026-15947
n8n has SQL Injection in Data Table Node via orderByColumn Expression...
SQL Injection
Overview n8n-nodes-base is a Base nodes of n8n Affected versions of this package are vulnerable to SQL Injection in the orderByColumn expression of the Data Table Get node. An attacker with permissions to create or modify workflows can execute arbitrary SQL commands by supplying crafted input,...
n8n has SQL Injection in Data Table Node via orderByColumn Expression
Impact An authenticated user with permission to create or modify workflows could exploit a SQL injection vulnerability in the Data Table Get node. On default SQLite DB, single statements can be manipulated and the attack surface is practically limited. On PostgreSQL deployments, multi-statement...
GHSA-98C2-4CR3-4JC3 n8n has SQL Injection in Data Table Node via orderByColumn Expression
Impact An authenticated user with permission to create or modify workflows could exploit a SQL injection vulnerability in the Data Table Get node. On default SQLite DB, single statements can be manipulated and the attack surface is practically limited. On PostgreSQL deployments, multi-statement...
Prototype Pollution
Overview n8n is a n8n Workflow Automation Tool Affected versions of this package are vulnerable to Prototype Pollution via the GSuiteAdmin node parameter. An attacker with permissions to create or modify workflows can execute arbitrary code by supplying crafted parameters that pollute...
EUVD-2026-15945
n8n: Prototype Pollution in XML and GSuiteAdmin node parameters lead to RCE...
GHSA-MXRG-77HM-89HV n8n: Prototype Pollution in XML and GSuiteAdmin node parameters lead to RCE
Impact An authenticated user with permission to create or modify workflows could exploit a prototype pollution vulnerability in the GSuiteAdmin node. By supplying a crafted parameter as part of node configuration, an attacker could write attacker-controlled values onto Object.prototype. An attack...
n8n: Prototype Pollution in XML and GSuiteAdmin node parameters lead to RCE
Impact An authenticated user with permission to create or modify workflows could exploit a prototype pollution vulnerability in the GSuiteAdmin node. By supplying a crafted parameter as part of node configuration, an attacker could write attacker-controlled values onto Object.prototype. An attack...
MAL-2026-2238 Malicious code in spr-i18n-labels (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59aab6cd08bb49192276e3b198d9caf42969db9f6793c54f4e1ca2b49c78fc04 The package spr-i18n-labels was found to contain malicious code. Source: ghsa-malware 01ee0be82b4212526afd2aaa40dc1ba0939646f6c94911550d3b648f8cd1d38...
CVE-2026-29608
OpenClaw 2026.3.1 contains an approval integrity vulnerability in system.run node-host execution where argv rewriting changes command semantics. Attackers can place malicious local scripts in the working directory to execute unintended code despite operator approval of different command text...
CVE-2026-32057
OpenClaw versions prior to 2026.2.25 contain an authentication bypass vulnerability in the trusted-proxy Control UI pairing mechanism that accepts client.id=control-ui without proper device identity verification. An authenticated node role websocket client can exploit this by using the control-ui...
CVE-2026-32043
OpenClaw versions prior to 2026.2.25 contain a time-of-check-time-of-use vulnerability in approval-bound system.run execution where the cwd parameter is validated at approval time but resolved at execution time. Attackers can retarget a symlinked cwd between approval and execution to bypass comma...
CVE-2026-32001
OpenClaw versions prior to 2026.2.22 contain an authentication bypass vulnerability that allows clients authenticated with a shared gateway token to connect as role=node without device identity verification. Attackers can exploit this by claiming the node role during WebSocket handshake to inject...
CVE-2026-33334
Vikunja is an open-source self-hosted task management platform. Starting in version 0.21.0 and prior to version 2.2.0, the Vikunja Desktop Electron wrapper enables nodeIntegration in the renderer process without contextIsolation or sandbox. This means any cross-site scripting XSS vulnerability in...
CVE-2026-33336
Vikunja is an open-source self-hosted task management platform. Starting in version 0.21.0 and prior to version 2.2.0, the Vikunja Desktop Electron wrapper enables nodeIntegration in the main BrowserWindow and does not restrict same-window navigations. An attacker who can place a link in...
CVE-2026-33066
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the backend renderREADME function uses lute.New without calling SetSanitizetrue, allowing raw HTML embedded in Markdown to pass through unmodified. The frontend then assigns the rendered HTML to innerHTML without any...