CVE-2025-49595
Published: 2025-07-03
Priority: P4, 22
Severity: medium, 4.9 (CVSS 3.1)
Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
EPSS: 0.38% (29.8th percentile)
n8n is a workflow automation platform. Prior to version 1.99.0, there is a Denial of Service vulnerability in the /rest/binary-data endpoint when processing empty filesystem URIs (filesystem:// or filesystem-v2://). This allows authenticated attackers to cause service unavailability through malformed filesystem URI requests, affecting the /rest/binary-data endpoint and n8n.cloud instances (confirmed HTTP/2 524 timeout responses). Attackers can exploit this by sending GET requests with empty filesystem URIs (filesystem:// or filesystem-v2://) to the /rest/binary-data endpoint, causing resource exhaustion and service disruption. This issue has been patched in version 1.99.0.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| n8n-io | n8n | < 1.99.0 | 1.99.0 |
| n8n | n8n | < 1.99.0 | 1.99.0 |
| n8n | n8n | >= 0 < 1.99.0 | 1.99.0 |
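
A log check for the request pattern described above, as an added example that is not from the advisory or the n8n project: it flags GET requests to `/rest/binary-data` in which any query value decodes to an empty `filesystem://` or `filesystem-v2://` URI. The combined-log line layout, the query parameter name `ref`, and the sample lines are assumptions constructed for illustration; the check itself does not depend on the parameter name.

```python
import re
from urllib.parse import urlsplit, parse_qsl

ENDPOINT = "/rest/binary-data"
EMPTY_URIS = {"filesystem://", "filesystem-v2://"}  # scheme with nothing after it

# Assumed combined-log layout: ip ... "METHOD target PROTO" status ...
REQ = re.compile(
    r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def is_empty_fs_uri_request(method, target):
    """True for a GET to the endpoint carrying an empty filesystem URI."""
    if method != "GET":
        return False
    parts = urlsplit(target)
    if parts.path.rstrip("/") != ENDPOINT:
        return False
    # parse_qsl percent-decodes values, so filesystem%3A%2F%2F is caught too.
    return any(value.strip() in EMPTY_URIS
               for _, value in parse_qsl(parts.query, keep_blank_values=True))

def scan(lines):
    """Return (line_number, client_ip, status) for each matching request."""
    hits = []
    for number, line in enumerate(lines, 1):
        m = REQ.match(line)
        if m and is_empty_fs_uri_request(m["method"], m["target"]):
            hits.append((number, m["ip"], int(m["status"])))
    return hits

# Constructed sample access-log lines (not real traffic).
SAMPLE = [
    '198.51.100.4 - - [03/Jul/2025:10:00:00 +0000] "GET /rest/binary-data?ref=filesystem-v2://constructed/path HTTP/2.0" 200 512',
    '203.0.113.7 - - [03/Jul/2025:10:00:01 +0000] "GET /rest/binary-data?ref=filesystem:// HTTP/2.0" 524 0',
    '203.0.113.7 - - [03/Jul/2025:10:00:02 +0000] "GET /rest/binary-data?ref=filesystem-v2%3A%2F%2F HTTP/2.0" 524 0',
    '198.51.100.4 - - [03/Jul/2025:10:00:03 +0000] "POST /rest/login HTTP/2.0" 200 88',
    '198.51.100.4 - - [03/Jul/2025:10:00:04 +0000] "GET /rest/workflows?ref=filesystem:// HTTP/2.0" 200 90',
]

if __name__ == "__main__":
    for number, ip, status in scan(SAMPLE):
        print(f"line {number}: {ip} sent an empty filesystem URI (status {status})")
```

On instances older than 1.99.0, matches that coincide with 524 responses line up with the timeout behaviour the advisory reports.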
GHSA
n8n Vulnerable to Denial of Service via Malformed Binary Data Requests
ghsa·2025-07-03
CVE-2025-49595 [MEDIUM] CWE-400 n8n Vulnerable to Denial of Service via Malformed Binary Data Requests
## Summary
Denial of Service vulnerability in `/rest/binary-data` endpoint when processing empty filesystem URIs (`filesystem://` or `filesystem-v2://`).
### Impact
This is a Denial of Service (DoS) vulnerability that allows authenticated attackers to cause service unavailability through malformed filesystem URI requests. The vulnerability affects:
- The `/rest/binary-data` endpoint
- n8n.cloud instances (confirmed HTTP/2 524 timeout responses)
Attackers can exploit this by sending GET requests with empty filesystem URIs (`filesystem://` or `filesystem-v2://`) to the `/rest/binary-data` endpoint, causing resource exhaustion and service disruption.
### Patches
The issue has been patched in [1.99.0](https://github.c
OSV
n8n Vulnerable to Denial of Service via Malformed Binary Data Requests
osv·2025-07-03
CVE-2025-49595 [MEDIUM] n8n Vulnerable to Denial of Service via Malformed Binary Data Requests
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.