Vulnerabilities

Report: CVE-2026-42232 - n8n: XML Node Prototype Pollution to RCE

2026-05-04 0 views admin

CVE ID :CVE-2026-42232 Published : May 4, 2026, 7:16 p.m. | 57 minutes ago Description :n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows could achieve global prototype pollution via the XML Node leading to RCE when combined with other nodes exploiting the prototype pollution. This issue has been patched in versions 1.123.32, 2.17.4, and 2.18.1. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-42232

Severity

CRITICAL

Published

May 4, 2026

Impact: RCE

🏷️ Tags

report42232prototypepollutionpublishedminutesdescriptionsourcecverce

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-42232 - n8n: XML Node Prototype Pollution to RCE

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: Latest: CVE-2026-41925 - WDR201A WiFi Extender OS Command Injection via adm.cgi (reboot_time)

Report: CVE-2026-25863 - Conditional Fields for Contact Form 7 < 2.7.3 DoS via Uncontrolled Resource Cons

Report: CVE-2026-41686 - Claude SDK for TypeScript has Insecure Default File Permissions in Local Filesys

Report: CVE-2026-38751 - OpenSTAManager File Upload Vulnerability

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting