cvebase

n8n-io/n8n vulnerabilities

77 known vulnerabilities affecting n8n-io/n8n.

Total CVEs: 77
CISA KEV: 1 (actively exploited)
Public exploits: 3
Exploited in wild: 2
Severity breakdown: CRITICAL 19, HIGH 31, MEDIUM 27

Vulnerabilities

Page 1 of 4
CVE-2025-68613 | P1 | HIGH | CVSS 8.8 | KEV | PoC | fixed in 1.123.22 | affects >= 2.0.0, < 2.9.3 (+1 more) | 2025-12-19
CWE-913. n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulnerability in their workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated users during workflow configuration may be evaluated i [truncated]
Note: the "fixed in" and affected-range fields in this listing row disagree with the advisory text, which names 1.120.4, 1.121.1 and 1.122.0 as the fixed versions; check the advisory before relying on the row.
Source: NVD
CVE-2026-21858 | P1 | CRITICAL | CVSS 10.0 | Exploited | PoC | affects >= 1.65.0, < 1.121.0 | 2026-01-08
CWE-20. n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker, resulting in exposure of sensitive information stored on the [truncated]
Source: NVD
CVE-2026-21877 | P2 | CRITICAL | CVSS 9.9 | PoC | fixed in 1.121.3 | 2026-01-08
CWE-94. n8n is an open source workflow automation platform. In versions 0.121.2 and below, an authenticated attacker may be able to execute malicious code using the n8n service. This could result in full compromise and can impact both self-hosted and n8n Cloud instances. This issue is fixed in version 1.121.3. Administrators can reduce exposure by disabling [truncated]
Source: NVD
CVE-2025-68668 | P2 | CRITICAL | CVSS 9.9 | affects >= 1.0.0, < 2.0.0 | 2025-12-26
CWE-693. n8n is an open source workflow automation platform. From version 1.0.0 to before 2.0.0, a sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide. An authenticated user with permission to create or modify workflows can exploit this vulnerability to execute arbitrary commands on the host system running n8n, using the same priv [truncated]
Source: NVD
CVE-2026-27495 | P2 | CRITICAL | CVSS 9.9 | fixed in 1.123.22 | affects >= 2.0.0, < 2.9.3 (+1 more) | 2026-02-25
CWE-94. n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary. On instances using internal Task Runners (default runner mo [truncated]
Source: NVD
CVE-2026-25053 | P2 | CRITICAL | CVSS 9.9 | fixed in 1.123.10 | fixed in 2.5.0 | 2026-02-04
CWE-78. n8n is an open source workflow automation platform. Prior to versions 1.123.10 and 2.5.0, vulnerabilities in the Git node allowed authenticated users with permission to create or modify workflows to execute arbitrary system commands or read arbitrary files on the n8n host. This issue has been patched in versions 1.123.10 and 2.5.0.
Source: NVD
CVE-2026-27493 | P2 | CRITICAL | CVSS 9.0 | fixed in 1.123.22 | affects >= 2.0.0, < 2.9.3 (+1 more) | 2026-02-25
CWE-94. n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, a second-order expression injection vulnerability existed in n8n's Form nodes that could allow an unauthenticated attacker to inject and evaluate arbitrary n8n expressions by submitting crafted form data. When chained with an expression sandbox escape [truncated]
Source: NVD
CVE-2026-27494 | P2 | CRITICAL | CVSS 9.9 | fixed in 1.123.22 | affects >= 2.0.0, < 2.9.3 (+1 more) | 2026-02-25
CWE-497. n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could use the Python Code node to escape the sandbox. The sandbox did not sufficiently restrict access to certain built-in Python objects, allowing an attacker to exfiltrate file con [truncated]
Source: NVD
CVE-2026-25052 | P2 | CRITICAL | CVSS 9.9 | fixed in 1.123.18 | fixed in 2.5.0 | 2026-02-04
CWE-367. n8n is an open source workflow automation platform. Prior to versions 1.123.18 and 2.5.0, a vulnerability in the file access controls allows authenticated users with permission to create or modify workflows to read sensitive files from the n8n host system. This can be exploited to obtain critical configuration data and user credentials, leading to [truncated]
Source: NVD
CVE-2026-54309 | P2 | CRITICAL | CVSS 10.0 | affects >= 2.26.0, < 2.26.2 | fixed in 2.25.7 | 2026-06-23
CWE-306. n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, when @n8n/mcp-browser is run in HTTP transport mode, the MCP endpoint accepts session initialization and tool invocation requests without any authentication. Any network-reachable client, or any website visited by the user, can establish an MCP session and invoke brows [truncated]
Source: NVD
CVE-2026-42231 | P2 | HIGH | CVSS 8.8 | fixed in 1.123.32 | affects >= 2.17.0, < 2.17.4 (+1 more) | 2026-05-04
CWE-1321. n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, a flaw in the xml2js library used to parse XML request bodies in n8n's webhook handler allowed prototype pollution via a crafted XML payload. An authenticated user with permission to create or modify workflows could exploit this to pollute the JavaScrip [truncated]
Source: NVD
CVE-2026-25049 | P2 | CRITICAL | CVSS 9.9 | fixed in 1.123.17 | fixed in 2.5.2 | 2026-02-04
CWE-913. n8n is an open source workflow automation platform. Prior to versions 1.123.17 and 2.5.2, an authenticated user with permission to create or modify workflows could abuse crafted expressions in workflow parameters to trigger unintended system command execution on the host running n8n. This issue has been patched in versions 1.123.17 and 2.5.2.
Source: NVD
CVE-2026-54310 | P2 | CRITICAL | CVSS 9.9 | affects >= 2.26.0, < 2.26.2 | fixed in 2.25.7 | 2026-06-23
CWE-89. n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, an authenticated user with permission to create or modify workflows could supply crafted parameters to the TimescaleDB and/or legacy Postgres v1 nodes, allowing arbitrary SQL to be injected and executed against the connected database within the privileges of the confi [truncated]
Source: NVD
CVE-2026-54305 | P2 | CRITICAL | CVSS 9.9 | fixed in 1.123.55 | affects >= 2.0.0-rc.0, < 2.25.7 (+1 more) | 2026-06-23
CWE-200. n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, three EE endpoints used by the Dynamic Credentials feature accepted any authenticated n8n session without performing per-resource ownership or scope checks on the target workflow or credential. An authenticated user with no project membership or credential sh [truncated]
Source: NVD
CVE-2025-62726 | P2 | HIGH | CVSS 8.8 | fixed in 1.113.0 | 2025-10-30
CWE-829. n8n is an open source workflow automation platform. Prior to 1.113.0, a remote code execution vulnerability exists in the Git Node component available in both Cloud and Self-Hosted versions of n8n. When a malicious actor clones a remote repository containing a pre-commit hook, the subsequent use of the Commit operation in the Git Node can inadvertentl [truncated]
Source: NVD
CVE-2026-25115 | P2 | CRITICAL | CVSS 9.9 | fixed in 2.4.8 | 2026-02-04
CWE-693. n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. This issue has been patched in version 2.4.8.
Source: NVD
CVE-2026-54307 | P2 | CRITICAL | CVSS 9.6 | fixed in 1.123.55 | affects >= 2.0.0-rc.0, < 2.25.7 (+1 more) | 2026-06-23
CWE-863. n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, a member-level user with editor access to a shared workflow could reference credentials they do not own via specific public API endpoints. Credential ownership checks were only partially enforced, leading to cross-user credential access. This issue affects in [truncated]
Source: NVD
CVE-2026-27498 | P2 | HIGH | CVSS 8.8 | fixed in 1.123.8 | affects >= 2.0.0, < 2.2.0 | 2026-02-25
CWE-94. n8n is an open source workflow automation platform. Prior to versions 2.2.0 and 1.123.8, an authenticated user with permission to create or modify workflows could chain the Read/Write Files from Disk node with git operations to achieve remote code execution. By writing to specific configuration files and then triggering a git operation, the attacker co [truncated]
Source: NVD
CVE-2026-25056 | P2 | HIGH | CVSS 8.8 | fixed in 1.118.0 | fixed in 2.4.0 | 2026-02-04
CWE-434. n8n is an open source workflow automation platform. Prior to versions 1.118.0 and 2.4.0, a vulnerability in the Merge node's SQL Query mode allowed authenticated users with permission to create or modify workflows to write arbitrary files to the n8n server's filesystem, potentially leading to remote code execution. This issue has been patched in versio [truncated]
Source: NVD
CVE-2026-44789 | P2 | CRITICAL | CVSS 9.9 | fixed in 1.123.43 | affects >= 2.0.0-rc.0, < 2.20.7 (+1 more) | 2026-06-23
CWE-1321. n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with permission to create or modify workflows could achieve global prototype pollution via an unvalidated pagination parameter in the HTTP Request node. Combined with other techniques this could lead to RCE on the instance. This vulner [truncated]
Source: NVD
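The check a practitioner wants from a listing like this is "does my running n8n version fall inside any of these ranges?", and the squashed range fields above make that easy to misread. The script below is an added example, not cvebase's or n8n's code: it encodes a subset of the advisories on this page as half-open [introduced, fixed) ranges transcribed from their advisory text and reports which ones cover a given version. Two things in it are this example's reading of the page rather than fields the page shows: where an advisory only says "prior to X, Y and Z" the introduced version is unknown and is encoded as null (every earlier version is treated as affected), and a sentence such as "prior to 2.10.1, 2.9.3 and 1.123.22" is split into per-release-line ranges, here [2.0.0, 2.9.3) plus [2.10.0, 2.10.1) on the 2.x line. Pre-release tags such as 2.0.0-rc.0 sort before their release, which is why a release candidate can still match a range that ends at 2.0.0.

```javascript
// Added example (not cvebase's or n8n's code): offline triage of an n8n version
// against advisories listed on this page. Ranges are transcribed from the advisory
// text; a null lower bound means the page gives no introduced version, and the
// per-release-line split of "prior to X, Y, Z" sentences is this example's reading.

function parseVersion(v) {
  // Accepts "1.123.22", "2.0.0-rc.0" and an optional leading "v".
  const m = /^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?$/.exec(String(v).trim());
  if (!m) throw new Error(`unparseable version: ${v}`);
  return { major: +m[1], minor: +m[2], patch: +m[3], pre: m[4] ?? null };
}

// Numeric field-by-field comparison; a plain string compare would rank
// 1.123.9 above 1.123.22 and silently mark a vulnerable build as fixed.
function compareVersions(a, b) {
  const x = parseVersion(a);
  const y = parseVersion(b);
  for (const k of ['major', 'minor', 'patch']) {
    if (x[k] !== y[k]) return x[k] < y[k] ? -1 : 1;
  }
  if (x.pre === y.pre) return 0;
  if (x.pre === null) return 1;   // a release is newer than any of its pre-releases
  if (y.pre === null) return -1;
  return x.pre < y.pre ? -1 : 1;  // string order is enough for rc.0 vs rc.1
}

// [introduced, fixed) ranges transcribed from the advisory text on this page.
const ADVISORIES = [
  { id: 'CVE-2025-68613', ranges: [['0.211.0', '1.120.4'], ['1.121.0', '1.121.1']] },
  { id: 'CVE-2026-21858', ranges: [['1.65.0', '1.121.0']] },
  { id: 'CVE-2025-68668', ranges: [['1.0.0', '2.0.0']] },
  { id: 'CVE-2026-25053', ranges: [[null, '1.123.10'], ['2.0.0', '2.5.0']] },
  { id: 'CVE-2026-27493', ranges: [[null, '1.123.22'], ['2.0.0', '2.9.3'], ['2.10.0', '2.10.1']] },
  { id: 'CVE-2026-27495', ranges: [[null, '1.123.22'], ['2.0.0', '2.9.3'], ['2.10.0', '2.10.1']] },
  { id: 'CVE-2026-27498', ranges: [[null, '1.123.8'], ['2.0.0', '2.2.0']] },
];

// True when introduced <= version < fixed; a null lower bound matches everything below fixed.
function inRange(version, [introduced, fixed]) {
  const afterStart = introduced === null || compareVersions(version, introduced) >= 0;
  return afterStart && compareVersions(version, fixed) < 0;
}

// Returns the ids of the encoded advisories whose ranges cover `version`, in listing order.
function affectedBy(version, advisories = ADVISORIES) {
  return advisories
    .filter(({ ranges }) => ranges.some((r) => inRange(version, r)))
    .map(({ id }) => id);
}

// Sample run over constructed inputs: the page's own version strings, nothing is fetched.
for (const v of ['1.121.0', '2.9.3', '2.10.0', '2.0.0-rc.0']) {
  const hits = affectedBy(v);
  console.log(`${v}: ${hits.length ? hits.join(', ') : 'none of the encoded advisories'}`);
}
```

Only seven of the twenty entries on this page are encoded; the remaining rows carry "+1 more" or package-level ranges (the @n8n/mcp-browser entries) that the page does not spell out, so they are left for the reader to transcribe from the full advisories rather than guessed here.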