Jubke

**Name of the Vulnerable Software and Affected Versions** n8n versions prior to 1.123.32 n8n versions prior to 2.17.4 n8n versions prior to 2.18.1 **Description** An open source workflow automation platform contains an issue where the Snowflake node and the legacy MySQL v1 node construct SQL queries by directly interpolating user-controlled table names, column names, and update keys into query strings without identifier escaping. This allows for SQL injection against the connected database. **Recommendations** Update to version 1.123.32. Update to version 2.17.4. Update to version 2.18.1.