4 matches found
CVE-2026-42236
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the MCP OAuth client registration endpoint accepted unauthenticated requests and stored client data without adequate resource controls. An unauthenticated remote attacker could exhaust server memor...
CVE-2026-42230 n8n: Open Redirect in MCP OAuth Consent Flow
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /mcp-oauth/register endpoint accepted OAuth client registrations without authentication, allowing arbitrary redirecturi values to be registered. When a user denies the MCP OAuth consent dialog,...
n8n 输入验证错误漏洞
n8n is an open-source, scalable workflow automation tool developed by n8n. Versions of n8n prior to 1.123.32, 2.17.4, and 2.18.1 contained a vulnerability related to input validation errors. This vulnerability stemmed from the /mcp-oauth/register endpoint, which allowed unauthenticated OAuth clie...
📄 WordPress Real Spaces Properties Directory Theme 3.6 Missing Authorization
Proof of concept exploit for a missing authorization vulnerability in WordPress Real Spaces Properties Directory Theme version 3.6. ============================================================================================================================================= | Title : WordPress Rea...