CVE-2026-56348 | n8n-io n8n up to 2.19.x options server-side request forgery (GHSA-3875-8gcx-7v46)

Inserito da Angelo Barbosa | Giu 23, 2026 | CVE

A vulnerability described as critical has been identified in n8n-io n8n up to 2.19.x. This issue affects some unknown processing of the file /rest/dynamic-node-parameters/options. Such manipulation leads to server-side request forgery.

This vulnerability is referenced as CVE-2026-56348. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is recommended.

CVE-2026-56348 | n8n-io n8n up to 2.19.x options server-side request forgery (GHSA-3875-8gcx-7v46)

Post correlati

CVE-2025-57063 | Tenda G3 15.11.0.17 formDelPortMapping portMappingIndex stack-based overflow

CVE-2023-5756 | Supsystic Digital Publications Plugin up to 1.7.6 on WordPress AJAX Action cross-site request forgery

CVE-2025-48995 | XML-Security signxml up to 4.0.3 timing discrepancy (GHSA-gmhf-gg8w-jw42)

CVE-2025-4110 | PHPGurukul Pre-School Enrollment System 1.0 /admin/edit-teacher.php mobilenumber sql injection