
N8N-Io N8N vulnerabilities

77 known vulnerabilities affecting n8n-io/n8n.

Total CVEs: 77
CISA KEV: 1 (actively exploited)
Public exploits: 3
Exploited in wild: 2
Severity breakdown: CRITICAL 19, HIGH 31, MEDIUM 27

Vulnerabilities

Page 3 of 4
CVE-2026-49465 | P3 | HIGH | CVSS 7.7 | fixed in 1.123.48 | affected versions >= 2.0.0-rc.0, < 2.21.8 (+1 more) | 2026-06-23
[HIGH] CWE-22: n8n is an open source workflow automation platform. Prior to 1.123.48, 2.21.8, and 2.22.4, an authenticated user with permission to create or modify workflows could supply a local filesystem path as the source repository in the Git node's Clone operation, or as the target repository in the Push operation, bypassing the N8N_RESTRICT_FILE_ACCESS_TO file
Source: nvd

CVE-2026-54304 | P3 | HIGH | CVSS 7.7 | fixed in 1.123.55 | affected versions >= 2.26.0, < 2.26.1 (+1 more) | 2026-06-23
[HIGH] CWE-200: n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.1, an authenticated user with permission to create or modify workflows and access to a SecurityScorecard credential with limited allowed domains could configure the SecurityScorecard node's report download operation to target an attacker-controlled URL. The node at
Source: nvd

CVE-2026-54311 | P3 | HIGH | CVSS 7.7 | affected versions >= 2.26.0, < 2.26.2 | fixed in 2.25.7 | 2026-06-23
[HIGH] CWE-488: n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, an authenticated user with permission to create or modify workflows could pollute the sandbox used by the Merge node's SQL Query mode. Because the sandbox context was cached and reused across all workflow executions on the instance, prototype mutations introduced by one us
Source: nvd

CVE-2026-42236 | P3 | HIGH | CVSS 7.5 | fixed in 1.123.32 | affected versions >= 2.17.0, < 2.17.4 (+1 more) | 2026-05-04
[HIGH] CWE-770: n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the MCP OAuth client registration endpoint accepted unauthenticated requests and stored client data without adequate resource controls. An unauthenticated remote attacker could exhaust server memory resources by sending large registration payloads, rende
Source: nvd

CVE-2026-42226 | P3 | HIGH | CVSS 7.5 | fixed in 1.123.33 | affected versions >= 2.17.0, < 2.17.5 | 2026-05-04
[HIGH] CWE-862: n8n is an open source workflow automation platform. Prior to versions 1.123.33 and 2.17.5, the dynamic-node-parameters endpoints did not verify whether the authenticated caller was authorized to use a supplied credential reference. An authenticated user with access to a shared workflow could supply a foreign credential ID in the request body, causing
Source: nvd

CVE-2026-33724 | P3 | HIGH | CVSS 7.4 | fixed in 2.5.0 | 2026-03-25
[HIGH] CWE-639: n8n is an open source workflow automation platform. Prior to version 2.5.0, when the Source Control feature is configured to use SSH, the SSH command used for git operations explicitly disabled host key verification. A network attacker positioned between the n8n instance and the remote Git server could intercept the connection and present a fraudulent
Source: nvd

CVE-2026-54313 | P3 | HIGH | CVSS 7.7 | fixed in 2.24.0 | 2026-06-23
[HIGH] CWE-89: n8n is an open source workflow automation platform. Prior to 2.24.0, an authenticated user with workflow edit access could supply a malicious filter value in the MongoDB node's Find And Replace operation. The value was not validated before being passed to MongoDB as a query filter, allowing unintended documents to be matched and overwritten with attack
Source: nvd

CVE-2025-61917 | P3 | HIGH | CVSS 7.7 | affected versions >= 1.65.0, < 1.114.3 | 2026-02-04
[HIGH] CWE-200: n8n is an open source workflow automation platform. From version 1.65.0 to before 1.114.3, the use of Buffer.allocUnsafe() and Buffer.allocUnsafeSlow() in the task runner allowed untrusted code to allocate uninitialized memory. Such uninitialized buffers could contain residual data from within the same Node.js process (for example, data from prior req
Source: nvd

CVE-2026-54314 | P3 | HIGH | CVSS 7.5 | fixed in 2.24.0 | 2026-06-23
[HIGH] CWE-409: n8n is an open source workflow automation platform. Prior to 2.24.0, the Compression node's Decompress operation expanded attacker-controlled archives into memory without enforcing limits on decompressed output size. An unauthenticated attacker could send a small compressed archive to a public webhook workflow using this node, causing the n8n process
Source: nvd

CVE-2026-54308 | P3 | HIGH | CVSS 7.2 | affected versions >= 2.26.0, < 2.26.2 | fixed in 2.25.7 | 2026-06-23
[HIGH] CWE-290: n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, the MicrosoftAgent365Trigger and StripeTrigger nodes did not validate inbound requests. As a result, an unauthenticated attacker who knows the webhook URL could submit a forged payload and cause the workflow to execute with attacker-controlled data. This vulnerability
Source: nvd

CVE-2026-21894 | P3 | MEDIUM | CVSS 6.5 | affected versions >= 0.150.0, < 2.2.2 | 2026-01-08
[MEDIUM] CWE-290: n8n is an open source workflow automation platform. In versions from 0.150.0 to before 2.2.2, an authentication bypass vulnerability in the Stripe Trigger node allows unauthenticated parties to trigger workflows by sending forged Stripe webhook events. The Stripe Trigger creates and stores a Stripe webhook signing secret when registering the webhook
Source: nvd

CVE-2026-33663 | P3 | MEDIUM | CVSS 6.5 | fixed in 1.123.27 | affected versions >= 2.0.0-rc.0, < 2.13.3 (+1 more) | 2026-03-25
[MEDIUM] CWE-639: n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.27, an authenticated user with the `global:member` role could exploit chained authorization flaws in n8n's credential pipeline to steal plaintext secrets from generic HTTP credentials (`httpBasicAuth`, `httpHeaderAuth`, `httpQueryAuth`) belonging to other
Source: nvd

CVE-2026-42228 | P3 | MEDIUM | CVSS 6.5 | fixed in 1.123.32 | affected versions >= 2.17.0, < 2.17.4 (+1 more) | 2026-05-04
[MEDIUM] CWE-862: n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /chat WebSocket endpoint used by the Chat Trigger node's Hosted Chat feature did not verify that an incoming connection was authorized to interact with the target execution. An unauthenticated remote attacker who could identify a valid execution ID
Source: nvd

CVE-2026-42227 | P3 | MEDIUM | CVSS 6.5 | fixed in 1.123.32 | affected versions >= 2.17.0, < 2.17.4 (+1 more) | 2026-05-04
[MEDIUM] CWE-639: n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with a valid API key scoped to variable:list could read variables from projects they are not a member of by supplying an arbitrary projectId query parameter to the public API variables endpoint. The handler queried the variables r
Source: nvd

CVE-2025-57749 | P3 | MEDIUM | CVSS 6.5 | fixed in 1.106.0 | 2025-08-20
[MEDIUM] CWE-59: n8n is a workflow automation platform. Before 1.106.0, a symlink traversal vulnerability was discovered in the Read/Write File node in n8n. While the node attempts to restrict access to sensitive directories and files, it does not properly account for symbolic links (symlinks). An attacker with the ability to create symlinks—such as by using the Exec
Source: nvd

CVE-2026-25631 | P3 | MEDIUM | CVSS 6.5 | fixed in 1.121.0 | 2026-02-06
[MEDIUM] CWE-20: n8n is an open source workflow automation platform. Prior to 1.121.0, a vulnerability in the HTTP Request node's credential domain validation allowed an authenticated attacker to send requests with credentials to unintended domains, potentially leading to credential exfiltration. This might only affect users who have credentials that use wild
Source: nvd

CVE-2026-54306 | P3 | MEDIUM | CVSS 6.4 | affected versions >= 2.26.0, < 2.26.2 | fixed in 2.25.7 | 2026-06-23
[MEDIUM] CWE-1321: n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, a prototype pollution vulnerability allowed a crafted public webhook payload to inject attacker-controlled fields into workflow data during internal object copying. These fields could be surfaced and consumed as normal values by downstream built-in nodes. Where a workfl
Source: nvd

CVE-2026-27496 | P3 | MEDIUM | CVSS 6.5 | fixed in 1.123.22 | affected versions >= 2.0.0-rc.0, < 2.9.3 (+1 more) | 2026-03-25
[MEDIUM] CWE-908: n8n is an open source workflow automation platform. Prior to versions 1.123.22, 2.9.3, and 2.10.1, an authenticated user with permission to create or modify workflows could use the JavaScript Task Runner to allocate uninitialized memory buffers. Uninitialized buffers may contain residual data from the same Node.js process — including data from prior
Source: nvd

CVE-2025-68697 | P4 | MEDIUM | CVSS 5.4 | fixed in 2.0.0 | 2025-12-26
[MEDIUM] CWE-269: n8n is an open source workflow automation platform. Prior to version 2.0.0, in self-hosted n8n instances where the Code node runs in legacy (non-task-runner) JavaScript execution mode, authenticated users with workflow editing access can invoke internal helper functions from within the Code node. This allows a workflow editor to perform actions on t
Source: nvd

CVE-2026-42230 | P4 | MEDIUM | CVSS 6.1 | fixed in 1.123.32 | affected versions >= 2.17.0, < 2.17.4 (+1 more) | 2026-05-04
[MEDIUM] CWE-601: n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /mcp-oauth/register endpoint accepted OAuth client registrations without authentication, allowing arbitrary redirect_uri values to be registered. When a user denies the MCP OAuth consent dialog, the handleDeny handler redirects the user to the regi
Source: nvd