Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
8.5 HIGH
CVE-2026-27578 — n8n Vulnerable to Stored XSS via Various Nodes

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could inject arbitrary scripts i…

n8n | Remote | Cross-Site Scripting
Feb 25, 2026 Mar 04, 2026
Feb 25, 2026
Mar 04, 2026
9.9 CRITICAL
CVE-2026-27577 — n8n: Expression Sandbox Escape Leads to RCE

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, additional exploits in the expression evaluation of n8n have been identified and patched following C…

n8n | Remote | Injection
Feb 25, 2026 Mar 04, 2026
Feb 25, 2026
Mar 04, 2026
9.0 CRITICAL
CVE-2026-27498 — n8n has Arbitrary Command Execution via File Write and Git Operations

n8n is an open source workflow automation platform. Prior to versions 2.2.0 and 1.123.8, an authenticated user with permission to create or modify workflows could chain the Read/Write Files from Disk…

n8n | Remote | Authentication
Feb 25, 2026 Mar 04, 2026
Feb 25, 2026
Mar 04, 2026
9.4 CRITICAL
CVE-2026-27497 — n8n has Potential Remote Code Execution via Merge Node

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could leverage the Merge node's …

n8n | Remote | Injection
Feb 25, 2026 Mar 04, 2026
Feb 25, 2026
Mar 04, 2026
9.9 CRITICAL
CVE-2026-27495 — n8n has a Sandbox Escape in its JavaScript Task Runner

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in…

n8n | Remote | Misconfiguration
Feb 25, 2026 Mar 04, 2026
Feb 25, 2026
Mar 04, 2026
9.9 CRITICAL
CVE-2026-27494 — n8n has Arbitrary File Read via Python Code Node Sandbox Escape

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could use the Python Code node t…

n8n | Remote | Injection
Feb 25, 2026 Mar 05, 2026
Feb 25, 2026
Mar 05, 2026
9.5 CRITICAL
CVE-2026-27493 — n8n has Unauthenticated Expression Evaluation via Form Node

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, a second-order expression injection vulnerability existed in n8n's Form nodes that could allow an un…

n8n | Remote | Injection
Feb 25, 2026 Mar 05, 2026
Feb 25, 2026
Mar 05, 2026
Showing 20 of 6127 Results