Fastapi
1 CVEs
product
Monthly
n8n-workflows Main Commit ee25413 allows attackers to execute a directory traversal via the download_workflow function within api_server.py. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Path Traversal
Fastapi
Pydantic
Uvicorn
NVD
GitHub
CVSS 3.1
9.1
EPSS
0.6%
CVE-2025-55526
EPSS 1%
CVSS 9.1
CRITICAL
POC
Act Now
n8n-workflows Main Commit ee25413 allows attackers to execute a directory traversal via the download_workflow function within api_server.py. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Path Traversal
Fastapi
Pydantic
+1
NVD
GitHub