Known Vulnerabilities for Workflow by Oracle
Listed below are 8 of the newest known vulnerabilities associated with "Workflow" by "Oracle".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-61437 json | PraisonAI (pip package praisonaiagents) before 1.6.78 contains an unsafe dynamic module loading vulnerability in AgentFlow._r... | Not Provided | 2026-07-10 | 2026-07-10 |
| CVE-2026-59257 json | n8n before 1.123.61, 2.x before 2.27.4, and 2.28.x before 2.28.1 contains a SQL injection vulnerability in the legacy MySQL v... | Not Provided | 2026-07-08 | 2026-07-09 |
| CVE-2026-59253 json | n8n before 2.28.0 contains an improper authorization vulnerability allowing authenticated users to assign workflows to folder... | Not Provided | 2026-07-08 | 2026-07-08 |
| CVE-2026-59209 json | n8n is an open source workflow automation platform. Prior to 1.123.61, 2.27.4, and, 2.28.1, an authenticated member with use-... | Not Provided | 2026-07-09 | 2026-07-09 |
| CVE-2026-59208 json | n8n is an open source workflow automation platform. Prior to 2.27.4 and from 2.28.0 prior to 2.28.1, n8n instances configured... | Not Provided | 2026-07-09 | 2026-07-09 |
| CVE-2026-59207 json | n8n is an open source workflow automation platform. Prior to 2.27.4 and 2.28.1, the AI Agents feature did not enforce the All... | Not Provided | 2026-07-09 | 2026-07-09 |
| CVE-2026-59206 json | n8n is an open source workflow automation platform. Prior to 1.123.61, 2.27.4, and, 2.28.1, an authenticated user with the de... | Not Provided | 2026-07-09 | 2026-07-09 |
| CVE-2026-58468 json | NocoBase through 2.1.20 contains a server-side request forgery vulnerability in the serverRequest wrapper that allows authent... | Not Provided | 2026-07-07 | 2026-07-08 |
| CVE-2026-58459 json | gpsd through release-3.27.5, fixed at commit 4c06658, contains a command injection vulnerability in gpsprof that allows attac... | Not Provided | 2026-07-09 | 2026-07-09 |
| CVE-2026-58448 json | yudao-cloud before 2026.06 contains a broken access control vulnerability in the BPM module that allows any authenticated use... | Not Provided | 2026-06-30 | 2026-07-01 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Oracle | Workflow | 12.2.9 | |||
| Application | Oracle | Workflow | 12.2.8 | |||
| Application | Oracle | Workflow | 12.2.3 | |||
| Application | Oracle | Workflow | 12.2.10 | |||
| Application | Oracle | Workflow | 12.1.3 | |||
| Application | Oracle | Workflow | 11.5.9.5 | |||
| Application | Oracle | Workflow | 11.5.1 | |||
| Application | Oracle | Workflow | - |