CVE-2026-15521
The CVE applies to makafeli n8n-workflow-builder up to 0.11.0. Vulnerable is an unknown function in build/server.cjs (update_node_from_file); manipulating the filePath argument enables path traversal. Local attack required; exploit publicly available. Project was informed via issue report but has...