Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

10 advisories

Loading
n8n: Stored XSS in Chat Trigger Node High
CVE-2026-54302 was published for n8n (npm) Jun 16, 2026
sm1ee Credited to sm1ee
sm1ee Credited to sm1ee
n8n: Merge Node SQL Mode Prototype Pollution Moderate
CVE-2026-54311 was published for n8n (npm) Jun 16, 2026
sm1ee Credited to sm1ee
n8n: Prototype Pollution enables confused-deputy execution via public webhooks Moderate
CVE-2026-54306 was published for n8n (npm) Jun 16, 2026
sm1ee Credited to sm1ee
n8n: NoSQL Injection in MongoDB Node Find And Replace Operation Moderate
CVE-2026-54313 was published for n8n (npm) Jun 16, 2026
sm1ee Credited to sm1ee
n8n: SQL Injection in Postgres v1/TimesclaeDB Nodes Moderate
CVE-2026-54310 was published for n8n (npm) Jun 16, 2026
sm1ee Credited to sm1ee
n8n Has a Source Control Pull SQL Injection High
CVE-2026-44792 was published for n8n (npm) May 14, 2026
sm1ee Credited to sm1ee
n8n: HTTP Request Node Pagination Prototype Pollution to RCE Critical
CVE-2026-44789 was published for n8n (npm) May 14, 2026
sm1ee Credited to sm1ee
n8n has SQL Injection in SeaTable Node Moderate
CVE-2026-42229 was published for n8n (npm) Apr 29, 2026
sm1ee Credited to sm1ee
n8n has an Authentication Bypass in its Chat Trigger Node Moderate
GHSA-jh8h-6c9q-7gmw was published for n8n (npm) Feb 26, 2026
sm1ee Credited to sm1ee
ProTip! Advisories are also available from the GraphQL API