CSO Online

Critical RCE bugs expose the n8n automation platform to host‑level compromise

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass ...

New sandbox escape flaw exposes n8n instances to RCE attacks

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.
Infosecurity Magazine

Critical and High Severity n8n Sandbox Flaws Allow RCE

Two critical security flaws in n8n have exposed sandboxing vulnerabilities, enabling remote code execution for attackers ...
GitHub

Generate markdown from dataview query and javascript.

Powerful, Dead Simple Markdown based, work with every markdown editor / render Works well with Dataview, Templater, Obsidian publish you define your expression in the starting tag. The expression will ...
The Hacker News

Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas

A critical Grist-Core flaw (CVE-2026-24002, CVSS 9.1) allows remote code execution through malicious formulas when Pyodide ...

A critical n8n flaw has been discovered - here's how to stay safe

A patch and workarounds are available.
GitHub

Highcharts Core for Python

Highcharts Core for Python is a Python library that provides a Python wrapper for the Highcharts Core JavaScript data visualization library, with full integration into the robust Python ecosystem, ...