CVE-2026-25055 – n8n Arbitrary File Write on Remote Systems via SSH Node

CVE ID : CVE-2026-25055

Published : Feb. 4, 2026, 4:47 p.m. | 31 minutes ago

Description : n8n is an open source workflow automation platform. Prior to versions 1.123.12 and 2.4.0, when workflows process uploaded files and transfer them to remote servers via the SSH node without validating their metadata the vulnerability can lead to files being written to unintended locations on those remote systems potentially leading to remote code execution on those systems. As a prerequisites an unauthenticated attacker needs knowledge of such workflows existing and the endpoints for file uploads need to be unauthenticated. This issue has been patched in versions 1.123.12 and 2.4.0.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2026-25055 – n8n Arbitrary File Write on Remote Systems via SSH Node

تکمیل ظرفیت سرور لهستان

سرور مناسب برای ترید و ارز دیجیتال

دیتاسنتر جدید در لهستان

سرور های جدید از اسپانیا

AMD EPYC & Ryzen از کشور انگلستان

آفر های جدید AMD EPYC و AMD Ryzen

آفر سرور اختصاصی از آمریکا

افزایش قیمت دامنه های ir از ۳۱ خرداد

افزایش قیمت جهانی دامنه .com

آفر های جدید سرور اختصاصی مرداد 1403

CVE-2026-22044 – GLPI is Vulnerable to Authenticated SQL Injection

سرور های جدید از روسیه-وارز

تخفیف ویژه دامنه .ASIA

ثبت دامنه .IO

انتقال رایگان پسوند دامنه PW

Kerio Control 9.2.4 Build 2223

نوشته های مشابه

CVE-2026-25140 – apko affected by potential unbounded resource consumption in expandapk.ExpandApk on attacker-controlled .apk streams

CVE-2026-25121 – apko is vulnerable to path traversal in apko dirFS which allows filesystem writes outside base

CVE-2026-25122 – apko is vulnerable to unbounded resource consumption in expandapk.Split on attacker-controlled .apk streams

CVE-2026-25139 – RIOT Vulnerable to Multiple Out-of-Bounds Read When Processing Received 6LoWPAN SFR Fragments