JFrog Security Research
< Back
Software Vulnerabilities
Last Updated On 27 Jan, 2026
- JFSA-2026-001651697n8n Expression Node RCECVE-2026-1470criticalDiscovered ByNatan NehoraiPublished on 27 Jan, 2026
- JFSA-2026-001651077n8n Python runner sandbox escapeCVE-2026-0863highDiscovered ByNatan NehoraiPublished on 18 Jan, 2026
- Node.js filesystem permissions bypassCVE-2025-55130highDiscovered ByNatan NehoraiPublished on 13 Jan, 2026
- JFSA-2025-001648329python-utcp untrusted Manual command executionCVE-2025-14542highDiscovered ByOr PelesPublished on 11 Dec, 2025
- JFSA-2025-001648159Litmus Chaos JWT Missing Entropy Privilege EscalationCVE-2025-14261highDiscovered ByNatan NehoraiPublished on 8 Dec, 2025
- n8n Git Node RCECVE-2025-62726highDiscovered ByAssaf LevkovichPublished on 4 Nov, 2025
- JFSA-2025-001495652DSPy sandbox escape arbitrary file readCVE-2025-12695mediumDiscovered ByNatan NehoraiPublished on 4 Nov, 2025
- Cursor CLI Untrusted Project RCECVE-2025-61592highDiscovered ByAssaf LevkovichPublished on 4 Nov, 2025
- JFSA-2025-001495618React Native CLI Command InjectionCVE-2025-11953criticalDiscovered ByOr PelesPublished on 3 Nov, 2025
- JFSA-2025-001494691oatpp-mcp prompt hijackingCVE-2025-6515mediumDiscovered ByOri HollanderPublished on 20 Oct, 2025