Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2026/02/13 12:0 a.m.6 views

n8n Node.js Package < 1.123.12 / 2.x < 2.4.0 Arbitrary File Write via SSH Node (CVE-2026-25055)

The version of the n8n Node.js Package installed on the remote host is prior to 1.123.12, or 2.x prior to 2.4.0. It is, therefore, affected by an arbitrary file write vulnerability: - When workflows process uploaded files and transfer them to remote servers via the SSH node without validating the...

8.1CVSS6.3AI score0.01713EPSS
Exploits0References2
NVD
NVD
added 2026/02/04 8:16 p.m.8 views

CVE-2026-25157

OpenClaw is a personal AI assistant. Prior to version 2026.1.29, there is an OS command injection vulnerability via the Project Root Path in sshNodeCommand. The sshNodeCommand function constructed a shell script without properly escaping the user-supplied project path in an error message. When th...

7.7CVSS0.00935EPSS
Exploits1References1
OSV
OSV
added 2026/02/04 7:55 p.m.6 views

CVE-2026-25157 OpenClaw/Clawdbot has OS Command Injection via Project Root Path in sshNodeCommand

OpenClaw is a personal AI assistant. Prior to version 2026.1.29, there is an OS command injection vulnerability via the Project Root Path in sshNodeCommand. The sshNodeCommand function constructed a shell script without properly escaping the user-supplied project path in an error message. When th...

7.7CVSS5.9AI score0.00935EPSS
Exploits1References3
CVE
CVE
added 2026/02/04 7:55 p.m.53 views

CVE-2026-25157

OpenClaw/OpenClaw-related CVEs (CVE-2026-25157) describe OS command injection in sshNodeCommand and related SSH parsing logic, affecting macOS OpenClaw components prior to version 2026.1.29. The root causes are: (1) sshNodeCommand builds a shell script and escapes user input for a project path on...

7.7CVSS5.9AI score0.00935EPSS
Exploits1References1Affected Software1
Snyk
Snyk
added 2026/02/04 7:36 p.m.5 views

Directory Traversal

Overview n8n-nodes-base is a Base nodes of n8n Affected versions of this package are vulnerable to Directory Traversal via the SSH node when workflows process uploaded files and transfer them to remote servers without validating their metadata. An attacker can write files to unintended locations ...

9CVSS6.8AI score0.01713EPSS
Exploits0References2
OSV
OSV
added 2026/02/04 4:47 p.m.5 views

CVE-2026-25055 n8n Arbitrary File Write on Remote Systems via SSH Node

n8n is an open source workflow automation platform. Prior to versions 1.123.12 and 2.4.0, when workflows process uploaded files and transfer them to remote servers via the SSH node without validating their metadata the vulnerability can lead to files being written to unintended locations on those...

7.1CVSS6.4AI score0.01713EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/04 4:47 p.m.2 views

CVE-2026-25055 n8n Arbitrary File Write on Remote Systems via SSH Node

n8n is an open source workflow automation platform. Prior to versions 1.123.12 and 2.4.0, when workflows process uploaded files and transfer them to remote servers via the SSH node without validating their metadata the vulnerability can lead to files being written to unintended locations on those...

7.1CVSS6.4AI score0.01713EPSS
Exploits0References1
Rows per page
Query Builder