Threats Tagged 'cve-2026-42228'
View all threats tagged with 'cve-2026-42228'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-42228'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-42228: CWE-862: Missing Authorization in n8n-io n8nCVE-2026-42228 0 n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /chat WebSocket endpoint used by the Chat Trigger node's Hosted Chat feature did not verify that an incoming connection was authorized to interact with the target execution. An unauthenticated remote attacker who could identify a valid execution ID for a workflow in a waiting state could attach to that execution, receive the pending prompt intended for the legitimate user, and submit arbitrary input to resume or influence downstream workflow behavior. This issue has been patched in versions 1.123.32, 2.17.4, and 2.18.1. Join the discussion | CVE Database V5 | 05/04/2026, 18:27:06 UTC Added: 05/04/2026, 18:51:26 UTC |
Showing 1 to 1 of 1 result