SB2026062576 - Multiple vulnerabilities in n8n

Published: June 25, 2026

Security Bulletin ID: SB2026062576
CSH Severity: High
Patch available: YES
Number of vulnerabilities: 7
Exploitation vector: Remote access
Highest impact: Code execution

Breakdown by Severity

High: 14%, Low: 86%

Description

This security bulletin contains information about 7 vulnerabilities.


1) Improper access control (CVE-ID: N/A)

CWE-ID: CWE-284 - Improper Access Control

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote user to disclose sensitive information.

The vulnerability exists due to improper access control in workflow node expressions when resolving external secrets references. A remote user can reference external secrets in a node expression to disclose sensitive information.

Only instances with the external secrets feature configured are vulnerable.


2) Improper access control (CVE-ID: N/A)

CWE-ID: CWE-284 - Improper Access Control

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote user to disclose sensitive information.

The vulnerability exists due to improper access control in the AI Agents MCP connector when processing agent requests to arbitrary URLs. A remote user can point an MCP tool at an external server they control and run the agent to disclose sensitive information.

Only instances with the AI Agents module enabled and a shared credential with domain restrictions are vulnerable.


3) Prototype pollution (CVE-ID: N/A)

CWE-ID: CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote user to disclose sensitive information.

The vulnerability exists due to improper control of dynamically-managed code resources in workflow credential handling when saving, updating, or importing a crafted workflow via the workflow API. A remote user can pollute Object.prototype to disclose sensitive information.

This may cause unauthenticated requests to be treated as a privileged user and can expose user and project listing endpoints. The issue can also corrupt global state and make parts of the instance unresponsive until restarted.
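The pattern behind this class of bug, as an added example that is not n8n's code: a naive recursive merge of imported workflow JSON beside a hardened merge that refuses keys reaching Object.prototype. The workflow shape and both merge functions are assumptions made for the illustration.

```javascript
// Added example, not n8n's code: naive merge of imported workflow JSON beside a
// hardened merge that refuses keys which would walk into Object.prototype.
const FORBIDDEN_KEYS = new Set(['__proto__', 'constructor', 'prototype']);
const hasOwn = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);
const isPlainObject = (v) => v !== null && typeof v === 'object' && !Array.isArray(v);

// Vulnerable pattern: recurses into target[key] for every key of the input, so a
// "__proto__" key in the JSON (an own property after JSON.parse) reaches the
// inherited Object.prototype through the target's __proto__ getter.
function mergeWorkflowUnsafe(target, source) {
  for (const key of Object.keys(source)) {
    if (isPlainObject(source[key]) && isPlainObject(target[key])) {
      mergeWorkflowUnsafe(target[key], source[key]);
    } else {
      target[key] = source[key];
    }
  }
  return target;
}

// Hardened pattern: rejects prototype-reaching keys outright and only recurses
// into properties the target actually owns, never inherited ones.
function mergeWorkflowSafe(target, source) {
  for (const key of Object.keys(source)) {
    if (FORBIDDEN_KEYS.has(key)) {
      throw new Error(`rejected forbidden key "${key}" in imported workflow`);
    }
    const value = source[key];
    if (isPlainObject(value)) {
      if (!hasOwn(target, key) || !isPlainObject(target[key])) target[key] = {};
      mergeWorkflowSafe(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Constructed sample: a workflow export whose settings carry a polluting key.
const CRAFTED_WORKFLOW_JSON =
  '{"name":"demo","settings":{"__proto__":{"isAdmin":true}}}';

// Hypothetical import entry point; the default workflow skeleton is assumed.
function importWorkflow(json, merge) {
  return merge({ name: '', nodes: [], settings: {} }, JSON.parse(json));
}
```

A detection hint for defenders: after import, a fresh `{}` suddenly carrying properties it never had (here `isAdmin`) is the tell-tale sign of pollution, and the hardened merge fails closed instead of leaving that state behind.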


4) SQL injection (CVE-ID: N/A)

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Amber


The vulnerability allows a remote attacker to execute arbitrary SQL commands.

The vulnerability exists due to improper neutralization of special elements used in an SQL command in the MySQL v1 node executeQuery operation when processing expression-sourced values in raw SQL queries. A remote attacker can supply crafted input through an externally reachable trigger to execute arbitrary SQL commands.

This issue affects only workflows that use the MySQL v1 node with the executeQuery operation, and exploitation requires attacker-controlled input to reach interpolated {{ ... }} expressions.
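The difference between the two ways an expression can reach a raw query, as an added example that is not n8n's code: the expression syntax is simplified to an assumed "{{ $json.<field> }}" form, and both resolver functions are hypothetical.

```javascript
// Added example, not n8n's code: resolves a simplified "{{ $json.<field> }}"
// expression (assumed syntax) either by interpolation into the SQL text or as a
// bound parameter, mirroring the executeQuery risk described above.
const EXPR = /\{\{\s*\$json\.([A-Za-z_]\w*)\s*\}\}/g;
// Same expression, optionally wrapped in the single quotes a template author
// puts around a string value; a bound parameter must not keep those quotes.
const QUOTED_EXPR = /'?\{\{\s*\$json\.([A-Za-z_]\w*)\s*\}\}'?/g;

// Vulnerable pattern: the item value becomes part of the SQL statement, so a
// field that an externally reachable trigger populates rewrites the query.
function interpolateQuery(sqlTemplate, item) {
  return sqlTemplate.replace(EXPR, (_, field) => String(item[field]));
}

// Hardened pattern: the statement keeps a "?" placeholder and the value is
// returned separately for the driver to bind as data (e.g. execute(sql, params)).
function parameterizeQuery(sqlTemplate, item) {
  const params = [];
  const sql = sqlTemplate.replace(QUOTED_EXPR, (_, field) => {
    if (!Object.prototype.hasOwnProperty.call(item, field)) {
      throw new Error(`expression references missing field "${field}"`);
    }
    params.push(item[field]);
    return '?';
  });
  return { sql, params };
}

// Constructed sample: a workflow query template and an item whose email field
// arrived through a trigger that untrusted callers can reach.
const TEMPLATE = "SELECT id FROM users WHERE email = '{{ $json.email }}'";
const HOSTILE_ITEM = { email: "' OR '1'='1" };
```

Binding only covers value positions; an expression that lands in an identifier position (table or column name) cannot be parameterized and needs an allowlist instead.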


5) Improper Authentication (CVE-ID: N/A)

CWE-ID: CWE-287 - Improper Authentication

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote user to authenticate as another user and access their account.

The vulnerability exists due to improper access control in the token exchange identity resolution logic when processing tokens from multiple trusted issuers. A remote user can present a valid token with a matching JWT subject claim to authenticate as another user and access their account.

This issue only affects instances where the token exchange feature is enabled and more than one trusted external issuer is configured.
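How identity resolution should key accounts when more than one issuer is trusted, as an added example that is not n8n's code: the issuer URLs, user records and claim sets are constructed, and signature and expiry verification of the token is assumed to have happened before these functions see the claims.

```javascript
// Added example, not n8n's code: identity resolution for token exchange with
// several trusted issuers. Issuers and user records are constructed; the token
// is assumed to be already verified (signature, expiry, audience).
const TRUSTED_ISSUERS = new Set(['https://idp-a.example', 'https://idp-b.example']);

// Constructed user store: each account remembers the issuer that provisioned it.
const USERS = [
  { id: 'u1', email: 'alice@example.com', issuer: 'https://idp-a.example', subject: '1001' },
  { id: 'u2', email: 'bob@example.com', issuer: 'https://idp-b.example', subject: '2002' },
];

// Vulnerable pattern: any trusted issuer may assert any "sub", so a subject
// value handed out by one issuer collides with an account from another.
function resolveBySubject(claims) {
  if (!TRUSTED_ISSUERS.has(claims.iss)) return null;
  return USERS.find((u) => u.subject === claims.sub) || null;
}

// Hardened pattern: the identity key is the (iss, sub) pair, and "sub" is
// treated as an opaque string, never normalised or coerced.
function resolveByIssuerAndSubject(claims) {
  if (!TRUSTED_ISSUERS.has(claims.iss)) return null;
  if (typeof claims.sub !== 'string' || claims.sub.length === 0) return null;
  return USERS.find((u) => u.issuer === claims.iss && u.subject === claims.sub) || null;
}

// Constructed claim sets: a legitimate login and a cross-issuer collision.
const LEGIT_CLAIMS = { iss: 'https://idp-a.example', sub: '1001' };
const COLLIDING_CLAIMS = { iss: 'https://idp-b.example', sub: '1001' };
```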


6) Improper Authorization (CVE-ID: N/A)

CWE-ID: CWE-285 - Improper Authorization

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote user to disclose sensitive information.

The vulnerability exists due to improper access control in the external secrets expression validation logic when processing credential expressions. A remote user can embed external secret references in forms the validation does not detect to disclose sensitive information.

Only instances with an external secrets provider configured and Advanced Permissions enabled are vulnerable.


7) Improper access control (CVE-ID: N/A)

CWE-ID: CWE-284 - Improper Access Control

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote user to disclose sensitive information.

The vulnerability exists due to improper access control in the HTTP Request node pagination expression evaluation when processing paginated requests with shared HTTP Header Auth credentials. A remote user can read credential-populated headers from the $request object and copy the secret into item data to disclose sensitive information.

Only instances with N8N_EXPRESSION_ENGINE=vm set are vulnerable, and exploitation requires access to a shared workflow with use-only editor permissions.


Remediation

Install update from vendor's website.