CNNVD-202602-614 Information

CNNVD ID

CNNVD-202602-614

Related CVE

CVE-2026-25053

• CNNVD Published: 2026-02-04

Description (Chinese)

n8n是n8n开源的一个可扩展的工作流自动化工具。 n8n 1.123.10之前版本和2.5.0之前版本存在操作系统命令注入漏洞，该漏洞源于Git节点存在漏洞，可能导致执行任意系统命令或读取任意文件。

Description (English)

n8n is an expanded workflow automation tool for n8n open source. n8n 1.123.10 Before and 2.5.0 there is a gap in the operating system commands, which stems from a gap at the Git node, which may lead to the execution of arbitrary system orders or to the reading of arbitrary documents.

Hazard Level

High

Vulnerability Type

操作系统命令注入

Affected Vendor

n8n

Published

2026-02-04

Last Modified

2026-02-24

References

https://github.com/n8n-io/n8n/security/advisories/GHSA-9g95-qf3f-ggrw https://access.redhat.com/security/cve/cve-2026-25053

Patch

https://github.com/n8n-io/n8n/releases