PatchSiren

makafeli CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

LOW makafeli CVE published 2026-07-13

CVE-2026-15521

A vulnerability was identified in makafeli n8n-workflow-builder up to 0.11.0, affecting an unknown function of the file build/server.cjs in the update_node_from_file component. The manipulation of the argument filePath leads to path traversal. This issue requires local access to be exploited. The project was informed early but has not yet responded. Users should review and apply patches or mitigations to [truncated]