NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-44790	n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with permission to create or modify w...	2026-06-23	8.8	NETWORK	HIGH	NVD
CVE-2026-44789	n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with permission to create or modify w...	2026-06-23	9.9	NETWORK	CRITICAL	NVD
CVE-2026-42867	Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow is vulnerable to Path Traversal in the Knowled...	2026-06-23	6.5	NETWORK	MEDIUM	NVD
CVE-2026-33760	Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow's /api/v1/monitor router exposes 7 endpoints t...	2026-06-23	8.8	NETWORK	HIGH	NVD
CVE-2026-13007	Tenable Identity Exposure contains multiple unauthenticated API endpoints under /w/api/* that expose sensitive application configuration data includin...	2026-06-23	7.5	NETWORK	HIGH	NVD
CVE-2026-12958	Missing symlink validation in Language Servers for AWS may allow an arbitrary file write outside of the workspace trust boundary. This may occur when ...	2026-06-23	7.8	LOCAL	HIGH	NVD
CVE-2026-12957	Improper trust boundary enforcement in Language Servers for AWS before version 1.65.0 on all supported platforms may allow a for arbitrary code execut...	2026-06-23	7.8	LOCAL	HIGH	NVD
CVE-2026-11940	tarfile.extractall() with the 'data' or 'tar' filter could be bypassed by a crafted archive where a hardlink references a symlink stored at a deeper...	2026-06-23	7.8	NETWORK	HIGH	NVD
CVE-2025-13162	Uncontrolled Search Path Element vulnerability in ABB Control Builder A, ABB 800xA for Advant Master. This issue affects Control Builder A: through 1...	2026-06-23	4.4	LOCAL	MEDIUM	NVD
CVE-2026-55767	Guzzle is an extensible PHP HTTP client. Prior to 7.12.1, CookieJar incorrectly accepts cookies with a dot-only Domain attribute and whitespace-padded...	2026-06-23	5.8	NETWORK	MEDIUM	NVD
CVE-2026-55766	guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Prior to 2.12.1, guzzlehttp/psr7 did not reject CR/LF characters in certain fir...	2026-06-23	4.8	NETWORK	MEDIUM	NVD
CVE-2026-55568	Guzzle is an extensible PHP HTTP client. Prior to 7.12.1, in certain configurations, traffic expected to be protected by TLS on the hop to the proxy i...	2026-06-23	5.9	NETWORK	MEDIUM	NVD
CVE-2026-54314	n8n is an open source workflow automation platform. Prior to 2.24.0, the Compression node's Decompress operation expanded attacker-controlled archives...	2026-06-23	7.5	NETWORK	HIGH	NVD
CVE-2026-54313	n8n is an open source workflow automation platform. Prior to 2.24.0, an authenticated user with workflow edit access could supply a malicious filter v...	2026-06-23	7.7	NETWORK	HIGH	NVD
CVE-2026-54312	n8n is an open source workflow automation platform. Prior to 2.24.0, an authenticated user with permission to create or modify workflows could achieve...	2026-06-23	8.5	NETWORK	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.