CVE-2026-25115 (GCVE-0-2026-25115)
Vulnerability from cvelistv5 – Published: 2026-02-04 16:48 – Updated: 2026-02-05 14:33 – CWE-693 - Protection Mechanism Failure
| URL | Tags |
|---|---|
| https://github.com/n8n-io/n8n/security/advisories… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25115",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-05T14:23:16.308114Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T14:33:23.945Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n8n",
"vendor": "n8n-io",
"versions": [
{
"status": "affected",
"version": "\u003c 2.4.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. This issue has been patched in version 2.4.8."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693: Protection Mechanism Failure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T16:48:03.955Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/n8n-io/n8n/security/advisories/GHSA-8398-gmmx-564h",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-8398-gmmx-564h"
}
],
"source": {
"advisory": "GHSA-8398-gmmx-564h",
"discovery": "UNKNOWN"
},
"title": "n8n is vulnerable to Python sandbox escape"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-25115",
"datePublished": "2026-02-04T16:48:03.955Z",
"dateReserved": "2026-01-29T14:03:42.539Z",
"dateUpdated": "2026-02-05T14:33:23.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-25115",
"date": "2026-05-14",
"epss": "0.00064",
"percentile": "0.19902"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-25115\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-02-04T17:16:23.877\",\"lastModified\":\"2026-02-05T20:44:21.807\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. This issue has been patched in version 2.4.8.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":9.4,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"HIGH\",\"subIntegrityImpact\":\"HIGH\",\"subAvailabilityImpact\":\"HIGH\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NO
T_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":9.9,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.1,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-693\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"2.4.8\",\"matchCriteriaId\":\"E5B03DE1-526B-4F58-B199-88D39DF532F0\"}]}]}],\"references\":[{\"url\":\"https://github.com/n8n-io/n8n/security/advisories/GHSA-8398-gmmx-564h\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-25115\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-02-05T14:23:16.308114Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-02-05T14:23:16.941Z\"}}], \"cna\": {\"title\": \"n8n is vulnerable to Python sandbox escape\", \"source\": {\"advisory\": \"GHSA-8398-gmmx-564h\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 9.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"HIGH\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"HIGH\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"HIGH\", \"vulnConfidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"n8n-io\", \"product\": \"n8n\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 2.4.8\"}]}], \"references\": [{\"url\": \"https://github.com/n8n-io/n8n/security/advisories/GHSA-8398-gmmx-564h\", \"name\": \"https://github.com/n8n-io/n8n/security/advisories/GHSA-8398-gmmx-564h\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. 
This issue has been patched in version 2.4.8.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-693\", \"description\": \"CWE-693: Protection Mechanism Failure\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-02-04T16:48:03.955Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-25115\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-05T14:33:23.945Z\", \"dateReserved\": \"2026-01-29T14:03:42.539Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-02-04T16:48:03.955Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
GHSA-8398-GMMX-564H
Vulnerability from github – Published: 2026-02-04 19:42 – Updated: 2026-03-25 03:12
Impact
A vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary.
Only authenticated users are able to execute code through Task Runners.
This issue affected any deployment in which the following conditions were met:
- Task Runners were enabled using `N8N_RUNNERS_ENABLED=true` (default: false)
- Python was enabled with `N8N_PYTHON_ENABLED=true`
- Code Node was enabled (default: true)
If `N8N_RUNNERS_MODE` is set to `external` (default: `internal`), the sandbox escape is limited to the sidecar container, with lower risk of lateral movement. In that case a lower severity (High) is more appropriate.
Patches
This vulnerability is fixed in version 2.4.8 and later.
Workarounds
If an immediate upgrade cannot be applied, the following hardening steps are recommended:
- Disable the Code Node by adding `n8n-nodes-base.code` to the `NODES_EXCLUDE` environment variable
- Prefer external mode for isolation: run Task Runners in external mode so that untrusted task code executes in a separate sidecar container rather than within the main n8n process. This configuration significantly reduces the risk of in-process memory disclosure caused by unsafe buffer allocations. In external mode, a launcher manages Task Runner processes in a dedicated sidecar environment, separate from the primary n8n instance. Note that external mode contains the escape to the sidecar container rather than removing it; upgrading to 2.4.8 or later remains the fix. See the [n8n documentation](https://docs.n8n.io/hosting/configuration/task-runners/) for configuration details and required environment variables.
Resources
- n8n Documentation — Task Runners — external mode, setup guide, and environment configuration details
- n8n Documentation — Blocking nodes — how to globally disable specific nodes
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "n8n"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-25115"
],
"database_specific": {
"cwe_ids": [
"CWE-693"
],
"github_reviewed": true,
"github_reviewed_at": "2026-02-04T19:42:03Z",
"nvd_published_at": "2026-02-04T17:16:23Z",
"severity": "CRITICAL"
},
"details": "## Impact\n\nA vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. \n\nOnly authenticated users are able to execute code through Task Runners.\n\nThis issue affected any deployment in which the following conditions were met:\n\n- Task Runners were enabled using\u00a0`N8N_RUNNERS_ENABLED=true`\u00a0(default: false)\n- Python was enabled `N8N_PYTHON_ENABLED=true`\n- Code Node was enabled (default: true)\n\nIn case the `N8N_RUNNERS_MODE` is set to `external` (default: `internal`) the sandbox escape is limited to the sidecar container with lower risk for lateral movement. In that case a lower high severity is more appropriate.\n\n## Patches\n\nThis vulnerability is fixed in version 2.4.8 and later. \n\n## Workarounds\n\nIf an immediate upgrade cannot be applied, the following hardening steps are recommended:\n\n- Disable the Code Node by adding\u00a0`n8n-nodes-base.code`\u00a0to the\u00a0`NODES_EXCLUDE`\u00a0environment variable\n- Prefer external mode for isolation: run Task Runners in external mode so that untrusted task code executes in a separate sidecar container rather than within the main n8n process. This configuration significantly reduces the risk of in-process memory disclosure caused by unsafe buffer [allocations.In](http://allocations.in/) external mode, a launcher manages Task Runner processes in a dedicated sidecar environment, separate from the primary n8n instance. 
See the\u00a0[[n8n documentation](https://docs.n8n.io/hosting/configuration/task-runners/)](https://docs.n8n.io/hosting/configuration/task-runners/)\u00a0for configuration details and required environment variables.\n\n## Resources\n\n- [n8n Documentation \u2014 Task Runners](https://docs.n8n.io/hosting/configuration/task-runners/) \u2014 external mode, setup guide, and environment configuration details\n- [n8n Documentation \u2014 Blocking nodes](https://docs.n8n.io/hosting/securing/blocking-nodes/)\u00a0\u2014 how to globally disable specific nodes",
"id": "GHSA-8398-gmmx-564h",
"modified": "2026-03-25T03:12:11Z",
"published": "2026-02-04T19:42:03Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-8398-gmmx-564h"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25115"
},
{
"type": "WEB",
"url": "https://github.com/n8n-io/n8n/commit/8607d372f78c388bb3691d9d5b52af7259ec7b1f"
},
{
"type": "PACKAGE",
"url": "https://github.com/n8n-io/n8n"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"type": "CVSS_V4"
}
],
"summary": "n8n has a Python sandbox escape"
}
NCSC-2026-0049
Vulnerability from csaf_ncscnl - Published: 2026-02-09 10:39 - Updated: 2026-02-09 10:39
n8n's task runner had a vulnerability allowing untrusted code to allocate uninitialized memory, which has been patched in versions 1.114.3 and 1.115.0 by ensuring zero-filled buffer allocations.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
N8N / N8N
|
vers:unknown/* |
Recent updates in n8n versions 1.123.17 and 2.5.2 address a vulnerability allowing authenticated users to execute unintended system commands through expression evaluation exploits.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
N8N / N8N
|
vers:unknown/* |
A Cross-site Scripting (XSS) vulnerability in n8n's webhook response handling, affecting versions prior to 1.123.2, has been patched to prevent authenticated users from executing malicious scripts.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
N8N / N8N
|
vers:unknown/* |
A vulnerability in n8n's file access controls allows authenticated users to read sensitive files, leading to potential account takeovers, but has been patched in versions 1.123.18 and 2.5.0.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
N8N / N8N
|
vers:unknown/* |
Vulnerabilities in the Git node of n8n, an open-source workflow automation platform, allowed authenticated users to execute arbitrary commands or read files, which have been addressed in versions 1.123.10 and 2.5.0.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
N8N / N8N
|
vers:unknown/* |
n8n's markdown rendering component had an XSS vulnerability allowing authenticated users to execute scripts, which has been patched in versions 2.2.1 and 1.123.9.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
N8N / N8N
|
vers:unknown/* |
A vulnerability in n8n versions prior to 1.123.12 and 2.4.0 allows unauthenticated attackers to exploit workflows processing uploaded files via SSH, potentially leading to remote code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
N8N / N8N
|
vers:unknown/* |
A vulnerability in n8n's Merge node's SQL Query mode allowed authenticated users to write arbitrary files to the server, potentially enabling remote code execution, which has been addressed in versions 1.118.0 and 2.4.0.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
N8N / N8N
|
vers:unknown/* |
A vulnerability in the Python Code node of n8n allowed authenticated users to escape the sandbox environment, but it has been patched in version 2.4.8.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
N8N / N8N
|
vers:unknown/* |
n8n's community package installation had a command injection vulnerability allowing administrative users to execute arbitrary commands, now patched in version 1.120.3 with no reported exploitation.
CWE-20 - Improper Input Validation
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
N8N / N8N
|
vers:unknown/* |
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "n8n heeft kwetsbaarheden verholpen in versies 1.114.3, 1.115.0, 1.123.17, 2.5.2, 1.122.5, 1.123.2, 1.123.18, 2.5.0, 1.123.10, 2.5.0, 2.2.1, 1.123.9, 1.123.12, 2.4.0, 1.118.0, 2.4.0, 2.4.8, en 1.120.3.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden omvatten onder andere het gebruik van `Buffer.allocUnsafe()` en `Buffer.allocUnsafeSlow()`, wat kan leiden tot informatie openbaarmaking. Daarnaast zijn er kwetsbaarheden in de expressie-evaluatiefuncties die geauthenticeerde gebruikers in staat stellen om ongewenste systeemcommando\u0027s uit te voeren. Er zijn ook Cross-site Scripting (XSS) kwetsbaarheden ontdekt in de webhook-responsverwerking en de markdown-renderingcomponent, die kunnen leiden tot sessieovername. Verder zijn er kwetsbaarheden in de bestandsaccesscontrols en de Git-node, die het mogelijk maken voor geauthenticeerde gebruikers om gevoelige bestanden te lezen en willekeurige commando\u0027s uit te voeren. Een andere kwetsbaarheid stelt ongeauthenticeerde aanvallers in staat om workflows te exploiteren die ge\u00fcploade bestanden via SSH verwerken, wat kan leiden tot remote code execution. Bovendien is er een kwetsbaarheid in de Merge-node\u0027s SQL Query-modus, en in de Python Code-node die het mogelijk maakt om de sandbox-omgeving te ontsnappen. Tot slot is er een command injection-kwetsbaarheid in de community package installatie.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "n8n heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "general",
"text": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"title": "CWE-80"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "general",
"text": "Unrestricted Upload of File with Dangerous Type",
"title": "CWE-434"
},
{
"category": "general",
"text": "Exposure of Resource to Wrong Sphere",
"title": "CWE-668"
},
{
"category": "general",
"text": "Protection Mechanism Failure",
"title": "CWE-693"
},
{
"category": "general",
"text": "Improper Control of Dynamically-Managed Code Resources",
"title": "CWE-913"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference",
"url": "https://github.com/advisories/GHSA-49mx-fj45-q3p6"
},
{
"category": "external",
"summary": "Reference",
"url": "https://github.com/advisories/GHSA-6cqr-8cfr-67f8"
},
{
"category": "external",
"summary": "Reference",
"url": "https://github.com/advisories/GHSA-7c4h-vh2m-743m"
},
{
"category": "external",
"summary": "Reference",
"url": "https://github.com/advisories/GHSA-825q-w924-xhgx"
},
{
"category": "external",
"summary": "Reference",
"url": "https://github.com/advisories/GHSA-8398-gmmx-564h"
},
{
"category": "external",
"summary": "Reference",
"url": "https://github.com/advisories/GHSA-9g95-qf3f-ggrw"
},
{
"category": "external",
"summary": "Reference",
"url": "https://github.com/advisories/GHSA-gfvg-qv54-r4pc"
},
{
"category": "external",
"summary": "Reference",
"url": "https://github.com/advisories/GHSA-hv53-3329-vmrm"
},
{
"category": "external",
"summary": "Reference",
"url": "https://github.com/advisories/GHSA-m82q-59gv-mcr9"
},
{
"category": "external",
"summary": "Reference",
"url": "https://github.com/advisories/GHSA-qpq4-pw7f-pp8w"
}
],
"title": "Kwetsbaarheden verholpen in n8n",
"tracking": {
"current_release_date": "2026-02-09T10:39:40.792744Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2026-0049",
"initial_release_date": "2026-02-09T10:39:40.792744Z",
"revision_history": [
{
"date": "2026-02-09T10:39:40.792744Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "N8N"
}
],
"category": "vendor",
"name": "N8N"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61917",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Exposure of Resource to Wrong Sphere",
"title": "CWE-668"
},
{
"category": "description",
"text": "n8n\u0027s task runner had a vulnerability allowing untrusted code to allocate uninitialized memory, which has been patched in versions 1.114.3 and 1.115.0 by ensuring zero-filled buffer allocations.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-61917 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-61917.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1"
]
}
],
"title": "CVE-2025-61917"
},
{
"cve": "CVE-2026-25049",
"cwe": {
"id": "CWE-913",
"name": "Improper Control of Dynamically-Managed Code Resources"
},
"notes": [
{
"category": "other",
"text": "Improper Control of Dynamically-Managed Code Resources",
"title": "CWE-913"
},
{
"category": "description",
"text": "Recent updates in n8n versions 1.123.17 and 2.5.2 address a vulnerability allowing authenticated users to execute unintended system commands through expression evaluation exploits.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25049 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25049.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1"
]
}
],
"title": "CVE-2026-25049"
},
{
"cve": "CVE-2026-25051",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "description",
"text": "A Cross-site Scripting (XSS) vulnerability in n8n\u0027s webhook response handling, affecting versions prior to 1.123.2, has been patched to prevent authenticated users from executing malicious scripts.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25051 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25051.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1"
]
}
],
"title": "CVE-2026-25051"
},
{
"cve": "CVE-2026-25052",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "other",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "description",
"text": "A vulnerability in n8n\u0027s file access controls allows authenticated users to read sensitive files, leading to potential account takeovers, but has been patched in versions 1.123.18 and 2.5.0.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25052 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25052.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1"
]
}
],
"title": "CVE-2026-25052"
},
{
"cve": "CVE-2026-25053",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "description",
"text": "Vulnerabilities in the Git node of n8n, an open-source workflow automation platform, allowed authenticated users to execute arbitrary commands or read files, which have been addressed in versions 1.123.10 and 2.5.0.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25053 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25053.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1"
]
}
],
"title": "CVE-2026-25053"
},
{
"cve": "CVE-2026-25054",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "other",
"text": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"title": "CWE-80"
},
{
"category": "description",
"text": "n8n\u0027s markdown rendering component had an XSS vulnerability allowing authenticated users to execute scripts, which has been patched in versions 2.2.1 and 1.123.9.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25054 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25054.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1"
]
}
],
"title": "CVE-2026-25054"
},
{
"cve": "CVE-2026-25055",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "description",
"text": "A vulnerability in n8n versions prior to 1.123.12 and 2.4.0 allows unauthenticated attackers to exploit workflows processing uploaded files via SSH, potentially leading to remote code execution.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25055 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25055.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1"
]
}
],
"title": "CVE-2026-25055"
},
{
"cve": "CVE-2026-25056",
"cwe": {
"id": "CWE-434",
"name": "Unrestricted Upload of File with Dangerous Type"
},
"notes": [
{
"category": "other",
"text": "Unrestricted Upload of File with Dangerous Type",
"title": "CWE-434"
},
{
"category": "other",
"text": "Protection Mechanism Failure",
"title": "CWE-693"
},
{
"category": "description",
"text": "A vulnerability in n8n\u0027s Merge node\u0027s SQL Query mode allowed authenticated users to write arbitrary files to the server, potentially enabling remote code execution, which has been addressed in versions 1.118.0 and 2.4.0.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25056 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25056.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1"
]
}
],
"title": "CVE-2026-25056"
},
{
"cve": "CVE-2026-25115",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"notes": [
{
"category": "other",
"text": "Protection Mechanism Failure",
"title": "CWE-693"
},
{
"category": "description",
"text": "A vulnerability in the Python Code node of n8n allowed authenticated users to escape the sandbox environment; it has been patched in version 2.4.8.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25115 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25115.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1"
]
}
],
"title": "CVE-2026-25115"
},
{
"cve": "CVE-2026-21893",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "description",
"text": "n8n\u0027s community package installation had a command injection vulnerability allowing administrative users to execute arbitrary commands, now patched in version 1.120.3 with no reported exploitation.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21893 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21893.json"
}
],
"title": "CVE-2026-21893"
}
]
}
WID-SEC-W-2026-0318
Vulnerability from csaf_certbund - Published: 2026-02-04 23:00 - Updated: 2026-03-26 23:00
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
n8n n8n <1.114.3
n8n / n8n
|
<1.114.3 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
n8n n8n <1.114.3
n8n / n8n
|
<1.114.3 | ||
|
n8n n8n <1.123.17
n8n / n8n
|
<1.123.17 | ||
|
n8n n8n <1.118.0
n8n / n8n
|
<1.118.0 | ||
|
n8n n8n <2.4.0
n8n / n8n
|
<2.4.0 | ||
|
n8n n8n <1.123.2
n8n / n8n
|
<1.123.2 | ||
|
n8n n8n <2.5.2
n8n / n8n
|
<2.5.2 | ||
|
n8n n8n <1.123.10
n8n / n8n
|
<1.123.10 | ||
|
n8n n8n <2.5.0
n8n / n8n
|
<2.5.0 | ||
|
n8n n8n <1.123.12
n8n / n8n
|
<1.123.12 | ||
|
n8n n8n <1.120.3
n8n / n8n
|
<1.120.3 | ||
|
n8n n8n <1.123.9
n8n / n8n
|
<1.123.9 | ||
|
n8n n8n <2.4.8
n8n / n8n
|
<2.4.8 | ||
|
n8n n8n <2.2.1
n8n / n8n
|
<2.2.1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
n8n n8n <1.120.3
n8n / n8n
|
<1.120.3 | ||
|
n8n n8n <1.114.3
n8n / n8n
|
<1.114.3 | ||
|
n8n n8n <1.118.0
n8n / n8n
|
<1.118.0 | ||
|
n8n n8n <1.123.2
n8n / n8n
|
<1.123.2 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
n8n n8n <1.114.3
n8n / n8n
|
<1.114.3 | ||
|
n8n n8n <1.123.17
n8n / n8n
|
<1.123.17 | ||
|
n8n n8n <1.118.0
n8n / n8n
|
<1.118.0 | ||
|
n8n n8n <2.4.0
n8n / n8n
|
<2.4.0 | ||
|
n8n n8n <1.123.2
n8n / n8n
|
<1.123.2 | ||
|
n8n n8n <1.123.10
n8n / n8n
|
<1.123.10 | ||
|
n8n n8n <2.5.0
n8n / n8n
|
<2.5.0 | ||
|
n8n n8n <1.123.18
n8n / n8n
|
<1.123.18 | ||
|
n8n n8n <1.123.12
n8n / n8n
|
<1.123.12 | ||
|
n8n n8n <1.120.3
n8n / n8n
|
<1.120.3 | ||
|
n8n n8n <1.123.9
n8n / n8n
|
<1.123.9 | ||
|
n8n n8n <2.4.8
n8n / n8n
|
<2.4.8 | ||
|
n8n n8n <2.2.1
n8n / n8n
|
<2.2.1 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
n8n n8n <2.5.0
n8n / n8n
|
<2.5.0 | ||
|
n8n n8n <1.120.3
n8n / n8n
|
<1.120.3 | ||
|
n8n n8n <1.123.9
n8n / n8n
|
<1.123.9 | ||
|
n8n n8n <2.4.8
n8n / n8n
|
<2.4.8 | ||
|
n8n n8n <2.2.1
n8n / n8n
|
<2.2.1 | ||
|
n8n n8n <1.114.3
n8n / n8n
|
<1.114.3 | ||
|
n8n n8n <1.118.0
n8n / n8n
|
<1.118.0 | ||
|
n8n n8n <2.4.0
n8n / n8n
|
<2.4.0 | ||
|
n8n n8n <1.123.2
n8n / n8n
|
<1.123.2 | ||
|
n8n n8n <1.123.10
n8n / n8n
|
<1.123.10 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
n8n n8n <1.120.3
n8n / n8n
|
<1.120.3 | ||
|
n8n n8n <1.123.9
n8n / n8n
|
<1.123.9 | ||
|
n8n n8n <2.2.1
n8n / n8n
|
<2.2.1 | ||
|
n8n n8n <1.114.3
n8n / n8n
|
<1.114.3 | ||
|
n8n n8n <1.118.0
n8n / n8n
|
<1.118.0 | ||
|
n8n n8n <1.123.2
n8n / n8n
|
<1.123.2 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
n8n n8n <1.123.12
n8n / n8n
|
<1.123.12 | ||
|
n8n n8n <1.120.3
n8n / n8n
|
<1.120.3 | ||
|
n8n n8n <1.123.9
n8n / n8n
|
<1.123.9 | ||
|
n8n n8n <2.2.1
n8n / n8n
|
<2.2.1 | ||
|
n8n n8n <1.114.3
n8n / n8n
|
<1.114.3 | ||
|
n8n n8n <1.118.0
n8n / n8n
|
<1.118.0 | ||
|
n8n n8n <2.4.0
n8n / n8n
|
<2.4.0 | ||
|
n8n n8n <1.123.2
n8n / n8n
|
<1.123.2 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
n8n n8n <2.2.1
n8n / n8n
|
<2.2.1 | ||
|
n8n n8n <1.114.3
n8n / n8n
|
<1.114.3 | ||
|
n8n n8n <1.118.0
n8n / n8n
|
<1.118.0 | ||
|
n8n n8n <2.4.0
n8n / n8n
|
<2.4.0 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
n8n n8n <2.2.1
n8n / n8n
|
<2.2.1 | ||
|
n8n n8n <2.4.8
n8n / n8n
|
<2.4.8 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
n8n n8n <1.120.3
n8n / n8n
|
<1.120.3 | ||
|
n8n n8n <1.114.3
n8n / n8n
|
<1.114.3 | ||
|
n8n n8n <1.118.0
n8n / n8n
|
<1.118.0 |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "n8n ist ein Workflow-Automatisierungstool, mit dem verschiedene Anwendungen und Dienste miteinander verbunden werden k\u00f6nnen, um Aufgaben zu automatisieren.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter oder anonymer Angreifer kann mehrere Schwachstellen in n8n ausnutzen, um beliebigen Code auszuf\u00fchren, sich erh\u00f6hte Berechtigungen zu verschaffen, Cross-Site-Scripting-Angriffe durchzuf\u00fchren und vertrauliche Informationen offenzulegen. \u00dcber einige dieser Schwachstellen sind weitere Angriffe m\u00f6glich, wie beispielsweise die \u00dcbernahme von Konten, das Hijacking von Sitzungen und die vollst\u00e4ndige Kompromittierung des Systems.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0318 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0318.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0318 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0318"
},
{
"category": "external",
"summary": "n8n GitHub vom 2026-02-04",
"url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-6cqr-8cfr-67f8"
},
{
"category": "external",
"summary": "n8n GitHub vom 2026-02-04",
"url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-7c4h-vh2m-743m"
},
{
"category": "external",
"summary": "n8n GitHub vom 2026-02-04",
"url": "https://github.com/advisories/GHSA-49mx-fj45-q3p6"
},
{
"category": "external",
"summary": "n8n GitHub vom 2026-02-04",
"url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-8398-gmmx-564h"
},
{
"category": "external",
"summary": "n8n GitHub vom 2026-02-04",
"url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-hv53-3329-vmrm"
},
{
"category": "external",
"summary": "n8n GitHub vom 2026-02-04",
"url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-m82q-59gv-mcr9"
},
{
"category": "external",
"summary": "n8n GitHub vom 2026-02-04",
"url": "https://github.com/advisories/GHSA-qpq4-pw7f-pp8w"
},
{
"category": "external",
"summary": "n8n GitHub vom 2026-02-04",
"url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-9g95-qf3f-ggrw"
},
{
"category": "external",
"summary": "n8n GitHub vom 2026-02-04",
"url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-gfvg-qv54-r4pc"
},
{
"category": "external",
"summary": "n8n GitHub vom 2026-02-04",
"url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-825q-w924-xhgx"
},
{
"category": "external",
"summary": "PoC CVE-2026-25049 vom 2026-02-04",
"url": "https://www.pillar.security/blog/n8n-sandbox-escape-critical-vulnerabilities-in-n8n-exposes-hundreds-of-thousands-of-enterprise-ai-systems-to-complete-takeover"
}
],
"source_lang": "en-US",
"title": "n8n: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-03-26T23:00:00.000+00:00",
"generator": {
"date": "2026-03-27T09:11:16.781+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0318",
"initial_release_date": "2026-02-04T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-02-04T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-02-05T23:00:00.000+00:00",
"number": "2",
"summary": "doppelte Eintragung bereinigt"
},
{
"date": "2026-03-26T23:00:00.000+00:00",
"number": "3",
"summary": "Referenz(en) aufgenommen: EUVD-2026-16177"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2.4.8",
"product": {
"name": "n8n n8n \u003c2.4.8",
"product_id": "T050537"
}
},
{
"category": "product_version",
"name": "2.4.8",
"product": {
"name": "n8n n8n 2.4.8",
"product_id": "T050537-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:n8n:n8n:2.4.8"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.120.3",
"product": {
"name": "n8n n8n \u003c1.120.3",
"product_id": "T050538"
}
},
{
"category": "product_version",
"name": "1.120.3",
"product": {
"name": "n8n n8n 1.120.3",
"product_id": "T050538-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:n8n:n8n:1.120.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c2.5.0",
"product": {
"name": "n8n n8n \u003c2.5.0",
"product_id": "T050539"
}
},
{
"category": "product_version",
"name": "2.5.0",
"product": {
"name": "n8n n8n 2.5.0",
"product_id": "T050539-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:n8n:n8n:2.5.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.123.10",
"product": {
"name": "n8n n8n \u003c1.123.10",
"product_id": "T050540"
}
},
{
"category": "product_version",
"name": "1.123.10",
"product": {
"name": "n8n n8n 1.123.10",
"product_id": "T050540-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:n8n:n8n:1.123.10"
}
}
},
{
"category": "product_version_range",
"name": "\u003c2.5.2",
"product": {
"name": "n8n n8n \u003c2.5.2",
"product_id": "T050541"
}
},
{
"category": "product_version",
"name": "2.5.2",
"product": {
"name": "n8n n8n 2.5.2",
"product_id": "T050541-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:n8n:n8n:2.5.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.123.17",
"product": {
"name": "n8n n8n \u003c1.123.17",
"product_id": "T050542"
}
},
{
"category": "product_version",
"name": "1.123.17",
"product": {
"name": "n8n n8n 1.123.17",
"product_id": "T050542-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:n8n:n8n:1.123.17"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.114.3",
"product": {
"name": "n8n n8n \u003c1.114.3",
"product_id": "T050543"
}
},
{
"category": "product_version",
"name": "1.114.3",
"product": {
"name": "n8n n8n 1.114.3",
"product_id": "T050543-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:n8n:n8n:1.114.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c2.4.0",
"product": {
"name": "n8n n8n \u003c2.4.0",
"product_id": "T050544"
}
},
{
"category": "product_version",
"name": "2.4.0",
"product": {
"name": "n8n n8n 2.4.0",
"product_id": "T050544-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:n8n:n8n:2.4.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.118.0",
"product": {
"name": "n8n n8n \u003c1.118.0",
"product_id": "T050545"
}
},
{
"category": "product_version",
"name": "1.118.0",
"product": {
"name": "n8n n8n 1.118.0",
"product_id": "T050545-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:n8n:n8n:1.118.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.123.12",
"product": {
"name": "n8n n8n \u003c1.123.12",
"product_id": "T050546"
}
},
{
"category": "product_version",
"name": "1.123.12",
"product": {
"name": "n8n n8n 1.123.12",
"product_id": "T050546-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:n8n:n8n:1.123.12"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.123.18",
"product": {
"name": "n8n n8n \u003c1.123.18",
"product_id": "T050547"
}
},
{
"category": "product_version",
"name": "1.123.18",
"product": {
"name": "n8n n8n 1.123.18",
"product_id": "T050547-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:n8n:n8n:1.123.18"
}
}
},
{
"category": "product_version_range",
"name": "\u003c2.2.1",
"product": {
"name": "n8n n8n \u003c2.2.1",
"product_id": "T050548"
}
},
{
"category": "product_version",
"name": "2.2.1",
"product": {
"name": "n8n n8n 2.2.1",
"product_id": "T050548-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:n8n:n8n:2.2.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.123.9",
"product": {
"name": "n8n n8n \u003c1.123.9",
"product_id": "T050549"
}
},
{
"category": "product_version",
"name": "1.123.9",
"product": {
"name": "n8n n8n 1.123.9",
"product_id": "T050549-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:n8n:n8n:1.123.9"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.123.2",
"product": {
"name": "n8n n8n \u003c1.123.2",
"product_id": "T050550"
}
},
{
"category": "product_version",
"name": "1.123.2",
"product": {
"name": "n8n n8n 1.123.2",
"product_id": "T050550-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:n8n:n8n:1.123.2"
}
}
}
],
"category": "product_name",
"name": "n8n"
}
],
"category": "vendor",
"name": "n8n"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61917",
"product_status": {
"known_affected": [
"T050543"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2025-61917"
},
{
"cve": "CVE-2026-25049",
"product_status": {
"known_affected": [
"T050543",
"T050542",
"T050545",
"T050544",
"T050550",
"T050541",
"T050540",
"T050539",
"T050546",
"T050538",
"T050549",
"T050537",
"T050548"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-25049"
},
{
"cve": "CVE-2026-25051",
"product_status": {
"known_affected": [
"T050538",
"T050543",
"T050545",
"T050550"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-25051"
},
{
"cve": "CVE-2026-25052",
"product_status": {
"known_affected": [
"T050543",
"T050542",
"T050545",
"T050544",
"T050550",
"T050540",
"T050539",
"T050547",
"T050546",
"T050538",
"T050549",
"T050537",
"T050548"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-25052"
},
{
"cve": "CVE-2026-25053",
"product_status": {
"known_affected": [
"T050539",
"T050538",
"T050549",
"T050537",
"T050548",
"T050543",
"T050545",
"T050544",
"T050550",
"T050540"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-25053"
},
{
"cve": "CVE-2026-25054",
"product_status": {
"known_affected": [
"T050538",
"T050549",
"T050548",
"T050543",
"T050545",
"T050550"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-25054"
},
{
"cve": "CVE-2026-25055",
"product_status": {
"known_affected": [
"T050546",
"T050538",
"T050549",
"T050548",
"T050543",
"T050545",
"T050544",
"T050550"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-25055"
},
{
"cve": "CVE-2026-25056",
"product_status": {
"known_affected": [
"T050548",
"T050543",
"T050545",
"T050544"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-25056"
},
{
"cve": "CVE-2026-25115",
"product_status": {
"known_affected": [
"T050548",
"T050537"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-25115"
},
{
"cve": "CVE-2026-21893",
"product_status": {
"known_affected": [
"T050538",
"T050543",
"T050545"
]
},
"release_date": "2026-02-04T23:00:00.000+00:00",
"title": "CVE-2026-21893"
}
]
}
FKIE_CVE-2026-25115
Vulnerability from fkie_nvd - Published: 2026-02-04 17:16 - Updated: 2026-02-05 20:44
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "E5B03DE1-526B-4F58-B199-88D39DF532F0",
"versionEndExcluding": "2.4.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. This issue has been patched in version 2.4.8."
},
{
"lang": "es",
"value": "n8n es una plataforma de automatizaci\u00f3n de flujos de trabajo de c\u00f3digo abierto. Antes de la versi\u00f3n 2.4.8, una vulnerabilidad en el nodo de C\u00f3digo Python permite a los usuarios autenticados escapar del entorno sandbox de Python y ejecutar c\u00f3digo fuera del l\u00edmite de seguridad previsto. Este problema ha sido parcheado en la versi\u00f3n 2.4.8."
}
],
"id": "CVE-2026-25115",
"lastModified": "2026-02-05T20:44:21.807",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2026-02-04T17:16:23.877",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-8398-gmmx-564h"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-693"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}