CVE-2025-49595
published 2025-07-03


Priority: P4, 22
Severity: medium, 4.9 (CVSS 3.1)
Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
EPSS: 0.38% (29.8th percentile)
n8n is a workflow automation platform. Prior to version 1.99.0, there is a denial-of-service vulnerability in the /rest/binary-data endpoint when processing empty filesystem URIs (filesystem:// or filesystem-v2://). This allows authenticated attackers to cause service unavailability through malformed filesystem URI requests, affecting the /rest/binary-data endpoint and n8n.cloud instances (confirmed HTTP/2 524 timeout responses). Attackers can exploit this by sending GET requests with empty filesystem URIs (filesystem:// or filesystem-v2://) to the /rest/binary-data endpoint, causing resource exhaustion and service disruption. This issue has been patched in version 1.99.0.
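A log check for the request pattern described above, as an added example that is not n8n's code or part of the original entry. It assumes a reverse proxy writing combined-format access logs; the sample lines, and the `id` and `action` parameter names in them, are constructed, and the check inspects every query parameter instead of relying on a name.

```python
import re
from urllib.parse import urlsplit, parse_qsl

ENDPOINT = "/rest/binary-data"
# The two empty URI forms named in the advisory text.
EMPTY_URIS = {"filesystem://", "filesystem-v2://"}

# Request and status fields of a combined-format log line (assumed format).
REQUEST_RE = re.compile(
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

def is_empty_filesystem_uri(value):
    """True when a decoded parameter value is a bare filesystem scheme."""
    return value.strip().lower() in EMPTY_URIS

def suspicious_requests(lines):
    """Return GET requests to the endpoint carrying an empty filesystem URI."""
    hits = []
    for line in lines:
        m = REQUEST_RE.search(line)
        if not m or m["method"] != "GET":
            continue
        url = urlsplit(m["target"])
        if url.path.rstrip("/") != ENDPOINT:
            continue
        # parse_qsl percent-decodes, so filesystem%3A%2F%2F is caught too.
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if is_empty_filesystem_uri(value):
                hits.append({"status": int(m["status"]), "param": name,
                             "value": value, "line": line})
                break
    return hits

# Constructed sample log lines; parameter names are assumptions.
SAMPLE_LOG = [
    '203.0.113.7 - - [03/Jul/2025:10:00:01 +0000] '
    '"GET /rest/binary-data?id=filesystem%3A%2F%2F&action=view HTTP/2.0" 524 0',
    '203.0.113.7 - - [03/Jul/2025:10:00:09 +0000] '
    '"GET /rest/binary-data?id=filesystem-v2:// HTTP/1.1" 524 0',
    '198.51.100.4 - - [03/Jul/2025:10:01:00 +0000] '
    '"GET /rest/binary-data?id=filesystem-v2%3Aworkflows%2Fw1%2Fbinary_data%2Fabc'
    '&action=download HTTP/1.1" 200 5120',
    '198.51.100.4 - - [03/Jul/2025:10:01:05 +0000] "POST /rest/workflows HTTP/1.1" 200 312',
]

if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE_LOG):
        print(hit["status"], hit["param"], hit["value"])
```

On instances older than 1.99.0, hits that coincide with 524 or other timeout statuses match the symptom the entry reports.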

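Affected

3 ranges

| Vendor | Product | Version range | Fixed in |
|--------|---------|---------------|----------|
| n8n-io | n8n | < 1.99.0 | 1.99.0 |
| n8n | n8n | < 1.99.0 | 1.99.0 |
| n8n | n8n | >= 0 < 1.99.0 | 1.99.0 |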