Lucene search
K

4579 matches found

Github Security Blog
Github Security Blog
added 2026/03/26 6:28 p.m.5 views

n8n Vulnerable to XSS via Binary Data Inline HTML Rendering

Impact An authenticated user with permission to create or modify workflows could craft a workflow that produces an HTML binary data object without a filename. The /rest/binary-data endpoint served such responses inline on the n8n origin without Content-Disposition or Content-Security-Policy...

9CVSS5.9AI score0.00249EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/26 6:28 p.m.2 views

GHSA-QFC3-HM4J-7Q77 n8n Vulnerable to XSS via Binary Data Inline HTML Rendering

Impact An authenticated user with permission to create or modify workflows could craft a workflow that produces an HTML binary data object without a filename. The /rest/binary-data endpoint served such responses inline on the n8n origin without Content-Disposition or Content-Security-Policy...

8.9CVSS5.9AI score0.00249EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/26 4:41 p.m.2 views

SQL Injection

Overview n8n-nodes-base is a Base nodes of n8n Affected versions of this package are vulnerable to SQL Injection in the orderByColumn expression of the Data Table Get node. An attacker with permissions to create or modify workflows can execute arbitrary SQL commands by supplying crafted input,...

8.8CVSS6.2AI score0.00423EPSS
Exploits0References2
OSV
OSV
added 2026/03/26 4:41 p.m.4 views

GHSA-98C2-4CR3-4JC3 n8n has SQL Injection in Data Table Node via orderByColumn Expression

Impact An authenticated user with permission to create or modify workflows could exploit a SQL injection vulnerability in the Data Table Get node. On default SQLite DB, single statements can be manipulated and the attack surface is practically limited. On PostgreSQL deployments, multi-statement...

9.9CVSS6.1AI score0.00423EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/26 3:19 p.m.4 views

CVE-2025-13459

IBM Aspera Console 3.3.0 through 3.4.8 could allow a privileged user to cause a denial of service due to improper enforcement of behavioral workflow...

4.9CVSS5.8AI score0.00422EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:6 p.m.6 views

CVE-2026-22319

A stack-based buffer overflow in the device's file installation workflow allows a high-privileged attacker to send oversized POST parameters that overflow a fixed-size stack buffer within an internal process, resulting in a DoS attack...

4.9CVSS6.3AI score0.00339EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:3 p.m.5 views

CVE-2026-30958

OneUptime is a solution for monitoring and managing online services. Prior to 10.0.21, an unauthenticated path traversal in the /workflow/docs/:componentName endpoint allows reading arbitrary files from the server filesystem. The componentName route parameter is concatenated directly into a file...

8.6CVSS7.4AI score0.01102EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:1 p.m.7 views

CVE-2026-33634

Trivy is a security scanner. On March 19, 2026, a threat actor used compromised credentials to publish a malicious Trivy v0.69.4 release, force-push 76 of 77 version tags in aquasecurity/trivy-action to credential-stealing malware, and replace all 7 tags in aquasecurity/setup-trivy with malicious...

9.4CVSS6.2AI score0.60368EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/03/26 2:59 p.m.4 views

CVE-2026-31852

Jellyfin is an open-source media system. The code-quality.yml GitHub Actions workflow in jellyfin/jellyfin-ios is vulnerable to arbitrary code execution via pull requests from forked repositories. Due to the workflow's elevated permissions nearly all write permissions, this vulnerability enables...

10CVSS6.5AI score0.00445EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 2:59 p.m.5 views

CVE-2026-31839

Striae is a firearms examiner's comparison companion. A high-severity integrity bypass vulnerability existed in Striae's digital confirmation workflow prior to v3.0.0. Hash-only validation trusted manifest hash fields that could be modified together with package content, allowing tampered...

8.2CVSS5.8AI score0.00118EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 2:59 p.m.5 views

CVE-2026-31886

Dagu is a workflow engine with a built-in Web user interface. Prior to 2.2.4, the dagRunId request field accepted by the inline DAG execution endpoints is passed directly into filepath.Join to construct a temporary directory path without any format validation. Go's filepath.Join resolves...

9.1CVSS6AI score0.00421EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/25 9:57 p.m.5 views

EUVD-2026-15952

n8n Has Authorization Bypass in OAuth Callback via N8NSKIPAUTHONOAUTHCALLBACK...

6.3CVSS5.8AI score0.0018EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/25 9:8 p.m.8 views

n8n is Vulnerable to Credential Theft via Name-Based Resolution and Permission Checker Bypass in Community Edition

Impact An authenticated user with the global:member role could exploit chained authorization flaws in n8n's credential pipeline to steal plaintext secrets from generic HTTP credentials httpBasicAuth, httpHeaderAuth, httpQueryAuth belonging to other users on the same instance. The attack abuses a...

8.5CVSS6AI score0.00392EPSS
Exploits0References3Affected Software1
Snyk
Snyk
added 2026/03/25 9:7 p.m.4 views

Arbitrary Code Injection

Overview n8n is a n8n Workflow Automation Tool Affected versions of this package are vulnerable to Arbitrary Code Injection via the Merge node's Combine by SQL mode. An authenticated user with permissions to create or modify workflows can execute arbitrary code and access sensitive files on the...

9.4CVSS6.3AI score0.00951EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 7:16 p.m.5 views

CVE-2026-33749

n8n is an open source workflow automation platform. Prior to versions 1.123.27, 2.13.3, and 2.14.1, an authenticated user with permission to create or modify workflows could craft a workflow that produces an HTML binary data object without a filename. The /rest/binary-data endpoint served such...

9CVSS0.00249EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 7:16 p.m.8 views

CVE-2026-33724

n8n is an open source workflow automation platform. Prior to version 2.5.0, when the Source Control feature is configured to use SSH, the SSH command used for git operations explicitly disabled host key verification. A network attacker positioned between the n8n instance and the remote Git server...

7.4CVSS0.00288EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 6:47 p.m.22 views

CVE-2026-33751 n8n Vulnerable to LDAP Filter Injection in LDAP Node

n8n is an open source workflow automation platform. Prior to versions 1.123.27, 2.13.3, and 2.14.1, a flaw in the LDAP node's filter escape logic allowed LDAP metacharacters to pass through unescaped when user-controlled input was interpolated into LDAP search filters. In workflows where external...

6.3CVSS0.00245EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 6:39 p.m.25 views

CVE-2026-33749 n8n Vulnerable to XSS via Binary Data Inline HTML Rendering

n8n is an open source workflow automation platform. Prior to versions 1.123.27, 2.13.3, and 2.14.1, an authenticated user with permission to create or modify workflows could craft a workflow that produces an HTML binary data object without a filename. The /rest/binary-data endpoint served such...

6.3CVSS0.00249EPSS
Exploits0References1
OSV
OSV
added 2026/03/25 6:39 p.m.5 views

CVE-2026-33749 n8n Vulnerable to XSS via Binary Data Inline HTML Rendering

n8n is an open source workflow automation platform. Prior to versions 1.123.27, 2.13.3, and 2.14.1, an authenticated user with permission to create or modify workflows could craft a workflow that produces an HTML binary data object without a filename. The /rest/binary-data endpoint served such...

6.3CVSS5.9AI score0.00249EPSS
Exploits0References3
NVD
NVD
added 2026/03/25 6:16 p.m.4 views

CVE-2026-33663

n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.27, an authenticated user with the global:member role could exploit chained authorization flaws in n8n's credential pipeline to steal plaintext secrets from generic HTTP credentials httpBasicAuth,...

8.5CVSS0.00392EPSS
Exploits0References1
Rows per page
Query Builder