Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the GetTaskAttachment handler in the API attachment download component. An attacker can execute arbitrary JavaScript and expose authentication tokens by uploading an SVG attachment whose crafted filename...

CVE-2026-27495

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On...

CVE-2026-27616

Vikunja is an open-source self-hosted task management platform. Prior to version 2.0.0, the application allows users to upload SVG files as task attachments. SVG is an XML-based format that supports JavaScript execution through elements such as...

Exploit for CVE-2026-21627

CVE-2026-21627---Tassos-Novarai...

CVE-2026-27616

Vikunja is an open-source self-hosted task management platform. Prior to version 2.0.0, the application allows users to upload SVG files as task attachments. SVG is an XML-based format that supports JavaScript execution through elements such as tags or event handlers like onload. The application...

CVE-2026-27495

CVE-2026-27495 affects n8n, an open-source workflow automation platform. Before versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandb...

CVE-2026-27495 n8n has a Sandbox Escape in its JavaScript Task Runner

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On...

CVE-2026-27495 n8n has a Sandbox Escape in its JavaScript Task Runner

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On...

CVE-2026-27495 n8n has a Sandbox Escape in its JavaScript Task Runner

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On...

CVE-2026-27495

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On...

CVE-2026-27494 n8n has Arbitrary File Read via Python Code Node Sandbox Escape

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could use the Python Code node to escape the sandbox. The sandbox did not sufficiently restrict access to certain built-in Python...

CVE-2026-27494

CVE-2026-27494 is superseded by a GitHub Advisory for n8n: an authenticated user who can create or modify workflows can escape the Python Code node sandbox due to insufficient restrictions on built-in Python objects. This could allow exfiltration of file contents or remote code execution, potenti...

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection. An attacker can execute arbitrary code outside the intended sandbox boundary by creating or modifying workflows after authenticating with sufficient permissions. Workaround This vulnerability can be mitigated b...

n8n has a Sandbox Escape in its JavaScript Task Runner

Impact An authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On instances using internal Task Runners default runner mode, this could result in full compromise...

EUVD-2026-8758

n8n has a Sandbox Escape in its JavaScript Task Runner...

GHSA-JJPJ-P2WH-QF23 n8n has a Sandbox Escape in its JavaScript Task Runner

Impact An authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On instances using internal Task Runners default runner mode, this could result in full compromise...

Security_Testing_Task3

No d...

kernel: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an invalid queue ID 0xFFFF, s...

CVE-2026-3064

A security vulnerability has been detected in HummerRisk up to 1.5.0. Affected by this issue is some unknown functionality of the file ResourceCreateService.java of the component Cloud Task Scheduler. Such manipulation of the argument regionId leads to command injection. The attack may be launche...

CVE-2026-3065

A vulnerability was detected in HummerRisk up to 1.5.0. This affects the function CommandUtils.commonExecCmdWithResult of the file CloudTaskService.java of the component Cloud Task Dry-run. Performing a manipulation of the argument fileName results in command injection. Remote exploitation of the...