Lucene search
K

4 matches found

Cvelist
Cvelist
β€’added 5 days agoβ€’31 views

CVE-2026-59206 n8n: Prototype Pollution via Workflow Credentials Leads to Unauthenticated User and Project Enumeration

n8n is an open source workflow automation platform. Prior to 1.123.61, 2.27.4, and, 2.28.1, an authenticated user with the default workflow:create permission could pollute Object.prototype through a crafted workflow saved, updated, or imported via the workflow API, allowing unauthenticated reques...

7.1CVSS0.00297EPSS
Exploits0References3
CVE
CVE
β€’added 5 days agoβ€’7 views

CVE-2026-59206

n8n is affected by a prototype pollution vulnerability in which an authenticated user with the default workflow:create permission could pollute Object.prototype via a crafted workflow saved, updated, or imported through the workflow API. This corruption could cause unauthenticated requests to be ...

7.1CVSS5.9AI score0.00297EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
β€’added 2026/06/16 12:0 a.m.β€’21 views

PT-2026-50172

Name of the Vulnerable Software and Affected Versions n8n versions prior to 2.25.7 n8n versions prior to 2.26.2 Description A prototype pollution issue allows a crafted public webhook payload to inject attacker-controlled fields into workflow data during internal object copying. Prototype polluti...

6.4CVSS5.9AI score0.00259EPSS
Exploits0References5
Packet Storm
Packet Storm
β€’added 2026/05/08 12:0 a.m.β€’72 views

πŸ“„ NocoBase 2.0.27 VM Sandbox Escape

NocoBase versions 2.0.27 and below VM sandbox escape exploit. Exploit Title: NocoBase 2.0.27 - VM Sandbox Escape Date: 2026-03-26 Exploit Author: Onurcan GenΓ§ Vendor Homepage: https://www.nocobase.com/ Software Link: https://github.com/nocobase/nocobase Version: = 2.0.27 β€” patched in 2.0.28 Teste...

9.9CVSS6AI score0.36503EPSS
Exploits7
Rows per page
Query Builder