VYPR

N8n

by N8n Io

npm: n8n

Source repositories

CVEs (86)

  • CVE-2025-57749Aug 20, 2025
    risk 0.00cvss epss 0.00

    n8n is a workflow automation platform. Before 1.106.0, a symlink traversal vulnerability was discovered in the Read/Write File node in n8n. While the node attempts to restrict access to sensitive directories and files, it does not properly account for symbolic links (symlinks).…

  • CVE-2025-52478Aug 19, 2025
    risk 0.00cvss epss 0.00

    n8n is a workflow automation platform. From 1.77.0 to before 1.98.2, a stored Cross-Site Scripting (XSS) vulnerability was identified in n8n, specifically in the Form Trigger node's HTML form element. An authenticated attacker can inject malicious HTML via an with a…

  • CVE-2025-52554Jul 3, 2025
    risk 0.00cvss epss 0.00

    n8n is a workflow automation platform. Prior to version 1.99.1, an authorization vulnerability was discovered in the /rest/executions/:id/stop endpoint of n8n. An authenticated user can stop workflow executions that they do not own or that have not been shared with them, leading…

  • CVE-2025-49595Jul 3, 2025
    risk 0.00cvss epss 0.00

    n8n is a workflow automation platform. Prior to version 1.99.0, there is a denial of Service vulnerability in /rest/binary-data endpoint when processing empty filesystem URIs (filesystem:// or filesystem-v2://). This allows authenticated attackers to cause service unavailability…

  • CVE-2025-49592Jun 26, 2025
    risk 0.00cvss epss 0.00

    n8n is a workflow automation platform. Versions prior to 1.98.0 have an Open Redirect vulnerability in the login flow. Authenticated users can be redirected to untrusted, attacker-controlled domains after logging in, by crafting malicious URLs with a misleading redirect query…

  • CVE-2025-46343Apr 29, 2025
    risk 0.00cvss epss 0.00

    n8n is a workflow automation platform. Prior to version 1.90.0, n8n is vulnerable to stored cross-site scripting (XSS) through the attachments view endpoint. n8n workflows can store and serve binary files, which are accessible to authenticated users. However, there is no…

Page 5 of 5