Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.9 views

CVE-2026-42236

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the MCP OAuth client registration endpoint accepted unauthenticated requests and stored client data without adequate resource controls. An unauthenticated remote attacker could exhaust server memor...

8.7CVSS5.4AI score0.00487EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/04 6:28 p.m.58 views

CVE-2026-42230 n8n: Open Redirect in MCP OAuth Consent Flow

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /mcp-oauth/register endpoint accepted OAuth client registrations without authentication, allowing arbitrary redirecturi values to be registered. When a user denies the MCP OAuth consent dialog,...

5.1CVSS0.00181EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.10 views

n8n 输入验证错误漏洞

n8n is an open-source, scalable workflow automation tool developed by n8n. Versions of n8n prior to 1.123.32, 2.17.4, and 2.18.1 contained a vulnerability related to input validation errors. This vulnerability stemmed from the /mcp-oauth/register endpoint, which allowed unauthenticated OAuth clie...

6.1CVSS5.9AI score0.00181EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2026/03/02 12:0 a.m.177 views

📄 WordPress Real Spaces Properties Directory Theme 3.6 Missing Authorization

Proof of concept exploit for a missing authorization vulnerability in WordPress Real Spaces Properties Directory Theme version 3.6. ============================================================================================================================================= | Title : WordPress Rea...

9.8CVSS5.9AI score0.00352EPSS
Exploits3
Rows per page
Query Builder