N8n (>= 2.21.0, < 2.22.1)

An authenticated user with workflow creation or modification permissions can inject CLI flags into the Git node's Push operation, leading to arbitrary file read on the n8n server; patched in versions 1.123.43, 2.20.7, and 2.22.1, and tracked as CVE-2026-44790.

An authenticated n8n user with workflow creation privileges can bypass a previous patch for XML node prototype pollution, potentially leading to remote code execution on the n8n host when combined with other nodes; patched in versions 1.123.43, 2.20.7, and 2.22.1.