CVE-2026-42228
Published 2026-05-04
Priority P3 · 42 · medium · 6.5 (CVSS 3.1)
AV:N / AC:L / PR:N / UI:N / S:U / C:L / I:L / A:N
EPSS 0.38% (30.1th percentile)
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /chat WebSocket endpoint used by the Chat Trigger node's Hosted Chat feature did not verify that an incoming connection was authorized to interact with the target execution. An unauthenticated remote attacker who could identify a valid execution ID for a workflow in a waiting state could attach to that execution, receive the pending prompt intended for the legitimate user, and submit arbitrary input to resume or influence downstream workflow behavior. This issue has been patched in versions 1.123.32, 2.17.4, and 2.18.1.
Affected (9 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| n8n-io | n8n | < 1.123.32 | 1.123.32 |
| n8n-io | n8n | — | — |
| n8n-io | n8n | — | — |
| n8n | n8n | < 1.123.32 | 1.123.32 |
| n8n | n8n | — | — |
| n8n | n8n | >= 0 < 1.123.32 | 1.123.32 |
| n8n | n8n | >= 2.0.0 < 2.17.4 | 2.17.4 |
| n8n | n8n | >= 2.17.0 < 2.17.4 | 2.17.4 |
| n8n | n8n | >= 2.18.0 < 2.18.1 | 2.18.1 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
| nvd | 4.0 | 6.3 | MEDIUM | CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
VulDB
n8n-io n8n up to 1.123.31/2.17.3/2.18.0 WebSocket Endpoint /chat authorization (GHSA-f77h-j2v7-g6mw)
vuldb · 2026-05-04 · CVSS 6.3
CVE-2026-42228 [MEDIUM] n8n-io n8n up to 1.123.31/2.17.3/2.18.0 WebSocket Endpoint /chat authorization (GHSA-f77h-j2v7-g6mw)
A vulnerability, which was classified as critical, was found in n8n-io n8n up to 1.123.31/2.17.3/2.18.0. This affects an unknown function of the file /chat of the component WebSocket Endpoint. Executing a manipulation can lead to missing authorization.
This vulnerability is handled as CVE-2026-42228. The attack can be executed remotely. No exploit is available.
You should upgrade the affected component.
GHSA
n8n Vulnerable to Hijacking of Unauthenticated Chat Execution
ghsa · 2026-04-29
CVE-2026-42228 [MEDIUM] CWE-862 n8n Vulnerable to Hijacking of Unauthenticated Chat Execution
## Impact
The `/chat` WebSocket endpoint used by the Chat Trigger node's Hosted Chat feature did not verify that an incoming connection was authorized to interact with the target execution. An unauthenticated remote attacker who could identify a valid execution ID for a workflow in a waiting state could attach to that execution, receive the pending prompt intended for the legitimate user, and submit arbitrary input to resume or influence downstream workflow behavior.
Exploitation requires the following conditions:
- The instance exposes a public Hosted Chat workflow with authentication set to `None`.
- A target execution is in a waiting state at the time of the attack.
- The attacker can obtain or discover the execution ID of
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published 2026-05-04