2 matches found
PT-2026-55598
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description LFS push and sync mirror operations do not utilize the migration HTTP transport. This behavior allows LFS requests to bypass the configured migration transport protections. Recommendations Update Gite...
CVE-2026-49465 n8n: Git Node Clone and Push Operations Bypass File Sandbox
n8n is an open source workflow automation platform. Prior to 1.123.48, 2.21.8, and 2.22.4, an authenticated user with permission to create or modify workflows could supply a local filesystem path as the source repository in the Git node's Clone operation, or as the target repository in the Push...