3 matches found
CVE-2026-54314 n8n: Denial of Service via ZIP decompression in webhook workflow
n8n is an open source workflow automation platform. Prior to 2.24.0, the Compression node's Decompress operation expanded attacker-controlled archives into memory without enforcing limits on decompressed output size. An unauthenticated attacker could send a small compressed archive to a public...
CVE-2026-54314
Summary: CVE-2026-54314 affects n8n prior to version 2.24.0. The issue lies in the Compression node’s Decompress operation, which could expand attacker‑controlled archives in memory without limits on the decompressed size. An unauthenticated attacker could send a small compressed archive to a pub...
NPM: n8n: Denial of Service via ZIP decompression in webhook workflow
NPM: n8n: Denial of Service via ZIP decompression in webhook workflow vulnerability discovered by ? in WordPress Npm n8n versions 2.24.0...