<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-16T16:56:08.068764+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/fab9123b-8398-4f9f-95c7-83b16174f7fd/export</id>
    <title>fab9123b-8398-4f9f-95c7-83b16174f7fd</title>
    <updated>2026-07-16T16:56:08.089869+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "fab9123b-8398-4f9f-95c7-83b16174f7fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-54052", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqqfn6iw5w2z", "content": "CRITICAL: czlonkowski n8n-mcp &amp;lt;2.56.1 lets tenants access &amp;amp; delete other tenants' workflow backups in multi-tenant HTTP mode. Upgrade to 2.56.1+ to secure sensitive data. https://radar.offseq.com/threat/cve-2026-54052-cwe-639-authorization-bypass-throug-04ca76ef25ff4df2 #OffSeq #CVE", "creation_timestamp": "2026-07-16T04:30:29.334274Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/fab9123b-8398-4f9f-95c7-83b16174f7fd/export"/>
    <published>2026-07-16T04:30:29.334274+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/431d7c87-bf59-4795-a058-2c5ae747e2bf/export</id>
    <title>431d7c87-bf59-4795-a058-2c5ae747e2bf</title>
    <updated>2026-07-16T16:56:08.093180+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "431d7c87-bf59-4795-a058-2c5ae747e2bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-54052", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116927773174475079", "content": "CVE-2026-54052: CRITICAL auth bypass in czlonkowski n8n-mcp &amp;lt;2.56.1. Multi-tenant HTTP mode allows tenants to access/delete others\u2019 sensitive workflow backups. Patch to 2.56.1 ASAP. https://radar.offseq.com/threat/cve-2026-54052-cwe-639-authorization-bypass-throug-04ca76ef25ff4df2 #OffSeq #CVE #infosec #vuln", "creation_timestamp": "2026-07-16T04:30:27.210870Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/431d7c87-bf59-4795-a058-2c5ae747e2bf/export"/>
    <published>2026-07-16T04:30:27.210870+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6d526613-d392-4707-b14c-255c77ea1161/export</id>
    <title>6d526613-d392-4707-b14c-255c77ea1161</title>
    <updated>2026-07-16T16:56:08.093401+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6d526613-d392-4707-b14c-255c77ea1161", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54052", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqpyhctsqt2x", "content": "CVE-2026-54052 - n8n-MCP: Cross-tenant access to workflow version backups in multi-tenant HTTP deployments\nCVE ID : CVE-2026-54052\n \n Published : July 15, 2026, 9:16 p.m. | 1\u00a0hour, 17\u00a0minutes ago\n \n Description : n8n-MCP is an MCP server that provides AI assistants access to n...", "creation_timestamp": "2026-07-16T00:34:33.321935Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6d526613-d392-4707-b14c-255c77ea1161/export"/>
    <published>2026-07-16T00:34:33.321935+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d8c1412a-97b8-4386-b0ea-e1da91168c5d/export</id>
    <title>d8c1412a-97b8-4386-b0ea-e1da91168c5d</title>
    <updated>2026-07-16T16:56:08.093581+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d8c1412a-97b8-4386-b0ea-e1da91168c5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54052", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqppubmqtj2w", "content": "\ud83d\udd34 CVE-2026-54052 - Critical (9.9)\n\nn8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-54052/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-15T22:00:44.757823Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d8c1412a-97b8-4386-b0ea-e1da91168c5d/export"/>
    <published>2026-07-15T22:00:44.757823+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/aa5d58d6-b78e-46fc-9411-d56cc9c9e002/export</id>
    <title>aa5d58d6-b78e-46fc-9411-d56cc9c9e002</title>
    <updated>2026-07-16T16:56:08.093701+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "aa5d58d6-b78e-46fc-9411-d56cc9c9e002", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-54052", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqn7siy2dj2q", "content": "CVE-2026-54052 - n8n-mcp\nIn multi-tenant n8n-MCP deployments, an authenticated tenant could access and delete other tenants' workflow backup data. This is fixed in version 2.56.1. To protect your data, upgrade to\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#n8nmcp #npm #CVE #infosec", "creation_timestamp": "2026-07-14T22:08:05.683764Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/aa5d58d6-b78e-46fc-9411-d56cc9c9e002/export"/>
    <published>2026-07-14T22:08:05.683764+00:00</published>
  </entry>
</feed>
