All disclosed vulnerabilities by Snyk

• • H
  Directory Traversal in github.com/lxc/incus/internal/server/instance/drivers (golang)

  Discovered by rmcnamara-snyk
  26 Jan 2026
• • M
  Regular Expression Denial of Service (ReDoS) in diff (npm)

  Discovered by Guiyi He
  22 Jan 2026
• • M
  Stored XSS in net.sourceforge.plantuml:plantuml (maven)

  Discovered by Catalin Iovita (Snyk Security Research)
  15 Jan 2026
• • M
  Permissive List of Allowed Inputs in n8n-nodes-base (npm)

  Discovered by Berk Dedekargınoğlu
  13 Jan 2026
• • H
  Prototype Pollution in pace-js (npm)

  Discovered by Zhengyu Liu
  29 Dec 2025
• • C
  Remote Code Execution (RCE) in n8n-workflow (npm)

  Discovered by Berk Dedekargınoğlu, VladimirEliTokarev
  29 Dec 2025
• • C
  Remote Code Execution (RCE) in n8n-nodes-base (npm)

  Discovered by Berk Dedekargınoğlu, VladimirEliTokarev
  29 Dec 2025
• • C
  Remote Code Execution (RCE) in @n8n/config (npm)

  Discovered by Berk Dedekargınoğlu, VladimirEliTokarev
  28 Dec 2025
• • M
  Cross-site Request Forgery (CSRF) in fastapi-sso (pip)

  Discovered by David Borș (Snyk Security Research)
  18 Dec 2025
• • M
  Cross-site Scripting (XSS) in @tiptap/extension-link (npm)

  Discovered by Thai Do Nhat
  8 Dec 2025