Lucene search
K

77 matches found

NVD
NVD
added last week9 views

CVE-2026-56776

n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization bypass in the POST /workflows/workflowId/test-runs/new endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a workflow can trigger a real...

7.4CVSS0.00161EPSS
Exploits0References2
EUVD
EUVD
added last week7 views

EUVD-2026-42263

n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization bypass in the POST /workflows/workflowId/test-runs/new endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a workflow can trigger a real...

7.4CVSS6.1AI score0.00161EPSS
Exploits0References2
OSV
OSV
added last week5 views

CVE-2026-56776 n8n - Incorrect OAuth Scope Validation in Workflow Test Run Endpoint

n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization bypass in the POST /workflows/workflowId/test-runs/new endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a workflow can trigger a real...

5.3CVSS6.2AI score0.00161EPSS
Exploits0References4
OSV
OSV
added 2026/06/23 3:42 p.m.4 views

CVE-2026-54308 n8n: Missing Token Validation on Microsoft Agent 365 Trigger Node

n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, the MicrosoftAgent365Trigger and StripeTrigger node did not validate that inbound requests. As a result, an unauthenticated attacker who knows the webhook URL could submit a forged payload and cause the workflow to...

6.3CVSS6AI score0.00276EPSS
Exploits0References3
OSV
OSV
added 2026/06/16 6:59 p.m.9 views

GHSA-HV7X-3X78-GX53 n8n: Wrong OAuth Scope On Evaluations Test Run Creation Endpoint

Impact The POST /workflows/workflowId/test-runs/new endpoint authorized access using workflow:read rather than workflow:execute. An authenticated user with read-only access to a workflow could trigger a real evaluation test run, causing the workflow to execute via the internal workflow runner. Th...

7.4CVSS5.7AI score0.00161EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.21 views

PT-2026-50174

Name of the Vulnerable Software and Affected Versions n8n versions prior to 2.25.7 n8n versions prior to 2.26.2 Description The MicrosoftAgent365Trigger and StripeTrigger nodes fail to validate inbound requests. This allows an unauthenticated attacker with knowledge of the webhook URL to submit a...

7.2CVSS6AI score0.00276EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.11 views

CVE-2026-23902

Incorrect Authorization vulnerability in Apache DolphinScheduler allows authenticated users with system login permissions to use tenants that are not defined on the platform during workflow execution. This issue affects Apache DolphinScheduler versions prior to 3.4.1. Users are recommended to...

8.1CVSS5.5AI score0.00446EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.11 views

CVE-2026-45226

Heym before 0.0.21 contains an authorization bypass vulnerability in workflow execution that allows authenticated users to execute arbitrary workflows by referencing victim workflow UUIDs without proper access validation. Attackers can create workflows with execute nodes or agent subWorkflowIds...

7.6CVSS6AI score0.00293EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/19 3:55 p.m.12 views

n8n: Legacy ExecuteWorkflow Node Bypassed File Path Restrictions

Impact The ExecuteWorkflow node's localFile source option read workflow files from disk without applying checks enforced by other file-reading nodes. An authenticated user with permission to create or modify workflows could supply an arbitrary file path via the REST API, bypassing the...

5.9AI score
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/13 12:48 a.m.11 views

EUVD-2026-29868

Heym before 0.0.21 contains an authorization bypass vulnerability in workflow execution that allows authenticated users to execute arbitrary workflows by referencing victim workflow UUIDs without proper access validation. Attackers can create workflows with execute nodes or agent subWorkflowIds...

7.6CVSS6.2AI score0.00293EPSS
Exploits0References5
NVD
NVD
added 2026/05/12 10:16 p.m.12 views

CVE-2026-45226

Heym before 0.0.21 contains an authorization bypass vulnerability in workflow execution that allows authenticated users to execute arbitrary workflows by referencing victim workflow UUIDs without proper access validation. Attackers can create workflows with execute nodes or agent subWorkflowIds...

7.6CVSS0.00293EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/12 9:17 p.m.6 views

CVE-2026-45226

Heym before 0.0.21 contains an authorization bypass vulnerability in workflow execution that allows authenticated users to execute arbitrary workflows by referencing victim workflow UUIDs without proper access validation. Attackers can create workflows with execute nodes or agent subWorkflowIds...

7.6CVSS6.2AI score0.00293EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/12 9:17 p.m.56 views

CVE-2026-45226 Heym < 0.0.21 Authorization Bypass in Workflow Execution

Heym before 0.0.21 contains an authorization bypass vulnerability in workflow execution that allows authenticated users to execute arbitrary workflows by referencing victim workflow UUIDs without proper access validation. Attackers can create workflows with execute nodes or agent subWorkflowIds...

7.6CVSS0.00293EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/12 9:17 p.m.7 views

CVE-2026-45226 Heym < 0.0.21 Authorization Bypass in Workflow Execution

Heym before 0.0.21 contains an authorization bypass vulnerability in workflow execution that allows authenticated users to execute arbitrary workflows by referencing victim workflow UUIDs without proper access validation. Attackers can create workflows with execute nodes or agent subWorkflowIds...

7.6CVSS6.2AI score0.00293EPSS
Exploits0References4
CVE
CVE
added 2026/05/12 9:17 p.m.38 views

CVE-2026-45226

CVE-2026-45226 affects Heym before 0.0.21 and describes an authorization bypass in workflow execution. Authenticated users can reference victim workflow UUIDs to load and execute those workflows via attacker‑controlled execution paths, potentially exposing victim outputs and triggering nodes with...

7.6CVSS6.2AI score0.00293EPSS
Exploits0References4
OSV
OSV
added 2026/05/12 9:17 p.m.3 views

CVE-2026-45226 Heym < 0.0.21 Authorization Bypass in Workflow Execution

Heym before 0.0.21 contains an authorization bypass vulnerability in workflow execution that allows authenticated users to execute arbitrary workflows by referencing victim workflow UUIDs without proper access validation. Attackers can create workflows with execute nodes or agent subWorkflowIds...

7.6CVSS6.3AI score0.00293EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.13 views

PT-2026-40451

Name of the Vulnerable Software and Affected Versions Heym versions prior to 0.0.21 Description An authorization bypass exists in workflow execution allowing authenticated users to execute arbitrary workflows. By referencing victim workflow UUIDs without proper access validation, attackers can...

7.6CVSS6.2AI score0.00293EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/05/08 10:12 p.m.34 views

CVE-2026-44284 FastGPT: Stored MCP tool URL SSRF in FastGPT workflow execution

FastGPT is an AI Agent building platform. Prior to version 4.14.17, FastGPT had an inconsistent SSRF protection gap in MCP tool URL handling. The direct MCP preview/run endpoints already rejected internal/private network URLs, but the MCP tool create/update endpoints could still save an internal...

6.3CVSS0.00235EPSS
Exploits0References4
OSV
OSV
added 2026/05/08 10:12 p.m.3 views

CVE-2026-44284 FastGPT: Stored MCP tool URL SSRF in FastGPT workflow execution

FastGPT is an AI Agent building platform. Prior to version 4.14.17, FastGPT had an inconsistent SSRF protection gap in MCP tool URL handling. The direct MCP preview/run endpoints already rejected internal/private network URLs, but the MCP tool create/update endpoints could still save an internal...

6.3CVSS6AI score0.00235EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/08 10:12 p.m.6 views

CVE-2026-44284 FastGPT: Stored MCP tool URL SSRF in FastGPT workflow execution

FastGPT is an AI Agent building platform. Prior to version 4.14.17, FastGPT had an inconsistent SSRF protection gap in MCP tool URL handling. The direct MCP preview/run endpoints already rejected internal/private network URLs, but the MCP tool create/update endpoints could still save an internal...

6.3CVSS5.8AI score0.00235EPSS
Exploits0References4
Rows per page
Query Builder