n8n Node.js 程序包 < 1.123.18 / 2.x < 2.5.0 任意文件读取 (CVE-2026-25052)
critical Nessus 插件 ID 298985
语言:
版本 1.2
Feb 17, 2026, 12:54 AM
- CVSS metrics ("Cvssv4 threat score" set to 9.4)
- CVSS metrics ("Cvssv4 threat vector" set to "CVSS:4.0/E:U")
- CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C")
- CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C")
- Exploit attributes ("Exploit available" set to "False")
- Exploit attributes ("Exploitability ease" set to "No known exploits are available")
Plugin Feed: 202602170054