CVE-2026-54311 n8n: Merge Node SQL Mode Prototype Pollution

n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, an authenticated user with permission to create or modify workflows could pollute the sandbox used by the Merge node's SQL Query mode. Because the sandbox context was cached and reused across all workflow executions o...

CVE-2026-54310

n8n contains a SQL injection vulnerability in the TimescaleDB and legacy Postgres v1 nodes, exploitable by an authenticated user with workflow-edit/create permissions. Before versions 2.25.7 and 2.26.2, crafted parameters could inject arbitrary SQL into the connected database under the privileges...

GHSA-57G9-58C2-XJG3 n8n Has an Arbitrary File Read via Git Node

Impact An authenticated user with permission to create or modify workflows could inject CLI flags on the Git node's Push operation allowing an attacker to read arbitrary files from the n8n server potentially leading to full compromise. Patches The issue has been fixed in n8n versions 1.123.43,...

kestra 安全漏洞

Kestra is an open-source workflow automation platform developed by Kestra. Versions of Kestra prior to 1.3.7 contained security vulnerabilities. These vulnerabilities stemmed from SQL injection vulnerabilities in the/api/v1/main/flows/search endpoint, which could lead to remote code execution...

CVE-2026-33751 n8n Vulnerable to LDAP Filter Injection in LDAP Node

n8n is an open source workflow automation platform. Prior to versions 1.123.27, 2.13.3, and 2.14.1, a flaw in the LDAP node's filter escape logic allowed LDAP metacharacters to pass through unescaped when user-controlled input was interpolated into LDAP search filters. In workflows where external...

CVE-2026-33713 n8n Vulnerable to SQL Injection in Data Table Node via orderByColumn Expression

n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.26, an authenticated user with permission to create or modify workflows could exploit a SQL injection vulnerability in the Data Table Get node. On default SQLite DB, single statements can be manipulate...

CVE-2026-27495

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On...

CVE-2026-25054

n8n is an open source workflow automation platform. Prior to versions 1.123.9 and 2.2.1, a Cross-Site Scripting XSS vulnerability existed in a markdown rendering component used in n8n's interface, including workflow sticky notes and other areas that support markdown content. An authenticated user...

CVE-2026-25056 n8n Arbitrary File Write leading to RCE in n8n Merge Node

n8n is an open source workflow automation platform. Prior to versions 1.118.0 and 2.4.0, a vulnerability in the Merge node's SQL Query mode allowed authenticated users with permission to create or modify workflows to write arbitrary files to the n8n server's filesystem potentially leading to remo...

CVE-2026-25054 n8n is Vulnerable to Stored Cross-Site Scripting via Markdown Rendering in Workflow UI

n8n is an open source workflow automation platform. Prior to versions 1.123.9 and 2.2.1, a Cross-Site Scripting XSS vulnerability existed in a markdown rendering component used in n8n's interface, including workflow sticky notes and other areas that support markdown content. An authenticated user...

EUVD-2026-5420

n8n is an open source workflow automation platform. Prior to version 1.123.2, a Cross-Site Scripting XSS vulnerability has been identified in the handling of webhook responses and related HTTP endpoints. Under certain conditions, the Content Security Policy CSP sandbox protection intended to...

CVE-2026-21894 n8n's Missing Stripe-Signature Verification Allows Unauthenticated Forged Webhooks

n8n is an open source workflow automation platform. In versions from 0.150.0 to before 2.2.2, an authentication bypass vulnerability in the Stripe Trigger node allows unauthenticated parties to trigger workflows by sending forged Stripe webhook events. The Stripe Trigger creates and stores a Stri...

Description of the security update for SharePoint Foundation 2013: November 13, 2018

Description of the security update for SharePoint Foundation 2013: November 13, 2018 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see...