Self-hosted apps
A vulnerability in Gitea allows attackers to redirect users to external websites after login by using special characters in the redirect_to parameter, which can lead to phishing attacks.
A security vulnerability in Gitea allows read-only organization members to create repositories via API despite lacking permission, enabling them to steal all organization CI/CD secrets through malicious workflow files.
Gitea's 3D file viewer has a security vulnerability that allows attackers to inject malicious JavaScript code through crafted .gltf files, which then executes for any user who views the file.
A vulnerability in Gitea allows attackers with 'public-only' API tokens to access and modify private user data, even though these tokens should only be able to retrieve public information.
A vulnerability in n8n workflow software allows authenticated users with editing permissions to inject malicious JavaScript code into Chat Trigger pages, which then executes in other users' sessions.
A security vulnerability in the n8n workflow automation software allows cross-site scripting attacks when logged-in users visit specially crafted URLs, enabling attackers to execute malicious code in the user's browser.
A vulnerability in n8n allows authenticated users to cause global prototype pollution through the Microsoft SQL node, rendering the entire n8n server non-functional until restart.
A vulnerability in the n8n workflow software allows authenticated users to access other users' workflow data through the Merge node's SQL mode, because the sandbox context is shared and reused across different workflow executions.
A vulnerability in the n8n workflow software allows attackers to inject malicious data through public webhooks into workflows, potentially causing downstream actions to execute with incorrect data or credentials.
A security vulnerability in the n8n workflow software allows authenticated users to inject malicious JavaScript code into other users' browsers through webhook nodes, potentially stealing their session data.
A vulnerability in n8n workflow software allows attackers to send fake data to certain webhook nodes and execute workflows with manipulated content without requiring authentication.
A vulnerability in the n8n workflow automation software allows users with only read permissions to execute workflows despite lacking execution permissions. This can result in unintended API calls and data modifications in connected systems.
A security vulnerability in the n8n workflow software allows authenticated users with editing permissions to inject malicious filter queries through the MongoDB node, potentially overwriting unintended database documents with attacker-controlled content.
A vulnerability in the n8n workflow software allows authenticated users to inject malicious SQL commands through TimescaleDB and Postgres nodes and execute them on the connected database.
A vulnerability in the n8n workflow software allows authenticated users to send SecurityScorecard API tokens to attacker-controlled servers, potentially exposing sensitive credentials to unauthorized parties.
A security flaw in n8n's browser control component allows unauthenticated attackers to control browser functions when HTTP transport is used. This lets them access cookies and website data and execute JavaScript in the user's browser.
A security flaw in n8n Enterprise software allows authenticated users to access and hijack other users' credentials, potentially leading to data theft or workflow disruption.
In the n8n workflow automation software, users with editor access to shared workflows can access credentials they don't own through specific API endpoints due to incomplete ownership verification checks.
A vulnerability in n8n allows users with limited read permissions to start, cancel, and delete workflow test runs even though they should only have read access.
A vulnerability in n8n's Compression node allows attackers to cause memory exhaustion and crash all workflows by sending small compressed archives to public webhooks, as the decompression operation lacks size limits.
A vulnerability in Jellyfin allows regular users to inject malicious JavaScript code into administrators' browsers when they view certain user settings in the dashboard.
A security vulnerability in Jellyfin allows specially crafted MKV video files to write files to arbitrary locations on the server through manipulated filename tags when the video is played back.
| Item | Vendor | Version | As of | |
|---|---|---|---|---|
| AdGuard Home | AdGuard | v0.107.77 | 02.06.2026 | |
| AdminLTE | ColorlibHQ | v4.0.2 | 11.06.2026 | |
| AFFiNE | toeverything | v2026.6.20-canary.1001 | 20.06.2026 | |
| agents | wshobson | — | — | |
| AndroidUtilCode | Blankj | 1.31.1 | 14.10.2022 | |
| ant-design-pro | ant-design | v6.0.2 | 28.05.2026 | |