Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • H
Cross-site Scripting (XSS)CVE-2026-27578
Affects n8n-nodes-base | Versions <1.121.15>=2.0.0 <2.9.1>=2.10.0 <2.10.1
Has fix
npmPublished 26 Feb 2026
  • C
Arbitrary Code InjectionCVE-2026-27577
Affects n8n-workflow | Versions <1.120.9>=2.0.0 <2.9.1>=2.10.0 <2.10.1
Has fix
npmPublished 26 Feb 2026
  • C
Arbitrary Code InjectionCVE-2026-27498
Affects n8n-core | Versions <1.122.4>=2.0.0 <2.1.2
Has fix
npmPublished 26 Feb 2026
  • C
Arbitrary Code InjectionCVE-2026-27498
Affects @n8n/config | Versions <1.65.2>=2.0.0 <2.0.2
Has fix
npmPublished 26 Feb 2026
  • C
Eval InjectionCVE-2026-27493
Affects n8n-nodes-base | Versions <1.121.15>=2.0.0 <2.9.1>=2.10.0 <2.10.1
Has fix
npmPublished 26 Feb 2026
  • C
Arbitrary Code InjectionCVE-2026-27495
Affects @n8n/task-runner | Versions <1.59.16>=2.0.0 <2.9.1>=2.10.0 <2.10.1
Has fix
npmPublished 26 Feb 2026
  • H
Exposure of Sensitive System Information to an Unauthorized Control SphereCVE-2026-27494
Affects n8n-nodes-base | Versions <2.7.0
Has fix
npmPublished 26 Feb 2026
  • C
Arbitrary Code InjectionCVE-2026-27497
Affects n8n-nodes-base | Versions <1.121.15>=2.0.0 <2.9.1>=2.10.0 <2.10.1
Has fix
npmPublished 26 Feb 2026
  • C
Malicious Package
Affects jest-param-validator | Versions *
No fix available
npmPublished 26 Feb 2026
  • C
Malicious Package
Affects ts-packer | Versions *
No fix available
npmPublished 26 Feb 2026
  • C
Malicious Package
Affects jest-node-paramset | Versions *
No fix available
npmPublished 26 Feb 2026
  • H
Inefficient Algorithmic ComplexityCVE-2026-27903
Affects minimatch | Versions <3.1.3>=4.0.0 <4.2.5>=5.0.0 <5.1.8>=6.0.0 <6.2.2>=7.0.0 <7.4.8>=8.0.0 <8.0.6>=9.0.0 <9.0.7>=10.0.0 <10.2.3
Has fix
npmPublished 26 Feb 2026
  • H
Regular Expression Denial of Service (ReDoS)CVE-2026-27904
Affects minimatch | Versions >=8.0.0 <8.0.6>=9.0.0 <9.0.7>=10.0.0 <10.2.3
Has fix
npmPublished 26 Feb 2026
  • C
Malicious Package
Affects chai-lite-lib | Versions *
No fix available
npmPublished 25 Feb 2026
  • C
Malicious Package
Affects sample-custom-component | Versions *
No fix available
npmPublished 25 Feb 2026
  • C
Malicious Package
Affects microsoft-cms-client | Versions *
No fix available
npmPublished 25 Feb 2026
  • C
Malicious Package
Affects chai-as-utils | Versions *
No fix available
npmPublished 25 Feb 2026
  • C
Malicious Package
Affects duer-js | Versions *
No fix available
npmPublished 25 Feb 2026
  • C
Missing Authentication for Critical FunctionCVE-2026-27584
Affects @actual-app/sync-server | Versions <26.2.1
Has fix
npmPublished 25 Feb 2026
  • C
Arbitrary Code InjectionCVE-2026-27574
Affects @oneuptime/common | Versions <10.0.0
Has fix
npmPublished 25 Feb 2026
  • H
Server-side Request Forgery (SSRF)CVE-2026-27567
Affects payload | Versions <3.75.0
Has fix
npmPublished 25 Feb 2026
  • C
Malicious Package
Affects @ai-studio-web/app | Versions *
No fix available
npmPublished 25 Feb 2026
  • C
Malicious Package
Affects @kiukicom/sidebar | Versions *
No fix available
npmPublished 25 Feb 2026
  • C
Malicious Package
Affects js-multer | Versions *
No fix available
npmPublished 25 Feb 2026
  • C
Malicious Package
Affects chai-iotype | Versions *
No fix available
npmPublished 25 Feb 2026
  • C
Malicious Package
Affects @atg-aml-shared/kyc-domain | Versions *
No fix available
npmPublished 25 Feb 2026
  • C
Malicious Package
Affects @protonme/routing | Versions *
No fix available
npmPublished 25 Feb 2026
  • C
Malicious Package
Affects @unitedcapitalfinancialadvisors/finlife-component-library | Versions *
No fix available
npmPublished 25 Feb 2026
  • C
Malicious Package
Affects @coinmetro/app | Versions *
No fix available
npmPublished 25 Feb 2026
  • H
Directory TraversalCVE-2026-27606
Affects rollup | Versions <2.80.0>=3.0.0-0 <3.30.0>=4.0.0-1 <4.59.0
Has fix
npmPublished 25 Feb 2026