Allsmog

**Name of the Vulnerable Software and Affected Versions** n8n versions prior to 2.10.1 n8n versions prior to 2.9.3 n8n versions prior to 1.123.22 **Description** n8n is an open source workflow automation platform. An authenticated user with permission to create or modify workflows could leverage the Merge node's SQL query mode to execute arbitrary code and write arbitrary files on the n8n server. This could potentially allow for full server takeover. **Recommendations** Upgrade to n8n version 2.10.1 or later. Upgrade to n8n version 2.9.3 or later. Upgrade to n8n version 1.123.22 or later.