AI Component

Agent

AI agent frameworks (AutoGPT, CrewAI, LangGraph, etc.) orchestrate LLM-powered autonomous actions. Their tool-use capabilities create unique attack surfaces not present in simple chat interfaces.

298

Total CVEs

Pages

Page 7 of 15

Current

Severity	CVE	Headline	Package	CVSS
HIGH	CVE-2025-61687	Flowise: unrestricted file upload enables persistent RCE	flowise	8.8
CRITICAL	CVE-2025-61913	Flowise: path traversal in file tools leads to RCE	flowise	9.9
HIGH	CVE-2026-26286	sillytavern: SSRF allows internal network access		8.5
MEDIUM	CVE-2023-27562	n8n: path traversal allows arbitrary file read	n8n	6.5
HIGH	CVE-2023-27563	n8n: privilege escalation exposes full workflow admin	n8n	8.8
HIGH	CVE-2023-27564	n8n: unauthenticated info disclosure exposes credentials	n8n	7.5
MEDIUM	CVE-2025-46343	n8n: stored XSS enables account takeover	n8n	5.4
MEDIUM	CVE-2025-49592	n8n: open redirect enables phishing via login flow	n8n	5.4
MEDIUM	CVE-2025-49595	n8n: DoS via empty filesystem URI in binary-data API	n8n	4.9
MEDIUM	CVE-2025-52554	n8n: broken authz enables cross-user workflow termination	n8n	4.3
MEDIUM	CVE-2025-52478	n8n: Stored XSS enables full account takeover	n8n	5.4
MEDIUM	CVE-2025-57749	n8n: symlink traversal enables arbitrary file read/write	n8n	6.5
CRITICAL	CVE-2025-55526	n8n-workflows: path traversal in download_workflow endpoint	fastapi	9.1
HIGH	CVE-2025-56265	n8n: unrestricted file upload RCE via Chat Trigger	n8n	8.8
HIGH	CVE-2025-62726	n8n: security flaw enables exploitation	n8n	8.8
HIGH	CVE-2025-65964	n8n: security flaw enables exploitation	n8n	8.8
HIGH	CVE-2025-68613	n8n: security flaw enables exploitation	n8n	8.8
MEDIUM	CVE-2025-61914	n8n: XSS enables session hijacking	n8n	5.4
CRITICAL	CVE-2025-68668	n8n: Protection Bypass circumvents security controls	n8n	9.9
MEDIUM	CVE-2025-68697	n8n: security flaw enables exploitation	n8n	5.4

Page 7 of 15

Previous Next

Related AI Components

Framework API Model Inference Training Data RAG

Agent

Related AI Components

Weekly CISO Take + top threats