CNNVD-202602-698 Information
Feb 04, 2026
cve
CNNVD ID
CNNVD-202602-698
Related CVE
- CNNVD Published: 2026-02-04
Description (Chinese)
n8n是n8n开源的一个可扩展的工作流自动化工具。 n8n 1.65.0版本至1.114.3之前版本存在安全漏洞,该漏洞源于使用Buffer.allocUnsafe和Buffer.allocUnsafeSlow分配未初始化内存,可能导致信息泄露。
Description (English)
n8n is an expanded workflow automation tool for n8n open source. N8n 1.65.0 to 1.11.4.3 contains a security loophole, which arises from the use of Buffer.allocUnsafe and Buffer.allocUnsafeSlow to distribute uninitialized memory, which may lead to the disclosure of information.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
n8n
Published
2026-02-04
Last Modified
2026-02-24
References
https://github.com/n8n-io/n8n/commit/2c4c2953199733c791f739a40879ae31ca129aba https://github.com/n8n-io/n8n/security/advisories/GHSA-49mx-fj45-q3p6 https://access.redhat.com/security/cve/cve-2025-61917
Patch
https://github.com/n8n-io/n8n/releases
Share on: