8 matches found
PT-2026-36901
Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.32 n8n versions prior to 2.17.4 n8n versions prior to 2.18.1 Description A flaw in the SeaTable node's 'row:search' and 'row:get' operations allows user-controlled input to be concatenated directly into SQL query...
Missing Authorization
Overview n8n is a n8n Workflow Automation Tool Affected versions of this package are vulnerable to Missing Authorization via the dynamic-node-parameters endpoints. An attacker can access and exfiltrate sensitive credentials belonging to other users by supplying a foreign credential ID in the...
PT-2026-33010
🔒 CyberSecurity CVE-2024-44738 & CVE-2024-44337: n8n Workflow Automation Critical Flaws — Detec… "Security Arsenal’s analysis of the recent Pillar Security disclosure regarding n8n…" 🔗 https://t.co/U8qg6uYpWr CyberSecurity ThreatIntel alertfatigue triage alertmonitor...
EUVD-2026-8760
n8n has Arbitrary Command Execution via File Write and Git Operations...
@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by CVE-2026-25053 via n8n (>=0.138.0 <=0.93.0)
n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: CVE-2026-25053 Source advisory: OSV:GHSA-9G95-QF3F-GGRW...
GHSA-5XRP-6693-JJX9 n8n Unsafe Workflow Expression Evaluation Allows Remote Code Execution
n8n contains a critical Remote Code Execution RCE vulnerability in its workflow Expression evaluation system. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An...
n8n 代码问题漏洞
n8n is a scalable workflow automation tool from n8n open source. A code issue vulnerability exists in n8n 0.121.2 and prior versions that originates from an authenticated attacker who can execute malicious code that could lead to a full crack...
EUVD-2026-1187
n8n Vulnerable to Unauthenticated File Access via Improper Webhook Request Handling...