Improper access control in n8n - CVE-2026-54305


Published: June 16, 2026


Vulnerability identifier: #VU134558
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-54305
CWE-ID: CWE-284
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: n8n
Affected software:
n8n

Detailed vulnerability description

The vulnerability allows a remote user to disclose sensitive information, overwrite stored OAuth tokens, or revoke stored credential tokens.

The vulnerability exists due to improper access control in the Dynamic Credentials EE endpoints, which handle requests for workflows or credentials without per-resource ownership or scope checks. A remote user can send crafted requests to enumerate the credential identifiers, names, and types referenced by private workflows, overwrite another user's stored tokens with tokens bound to an account they control, or revoke stored credential tokens.

Only Enterprise instances with the Dynamic Credentials feature enabled are vulnerable.
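
The defect class described above is a missing per-resource ownership or scope check: the endpoint authenticates the caller but never asks whether the caller may act on the specific workflow or credential named in the request. The following JavaScript is an added illustration of that check and is not n8n's code; the in-memory store, the role names and every function name are assumptions made for the example. It shows the unchecked lookup beside a hardened version in which a resource outside the caller's scope is indistinguishable from a non-existent one, so the endpoint can no longer be used to enumerate ids, names or types, and only the owner can overwrite or revoke a stored token.

```javascript
// Added example: per-resource ownership / scope check for a credential API.
// NOT n8n's code; data model, role names and function names are assumed.

// Constructed sample data. u1 owns credential c1 and workflow w1 (which references c1);
// u2 owns c2 and holds a read-only share on c1; u3 is an unrelated authenticated user.
const credentials = new Map([
  ["c1", { id: "c1", name: "GitHub token", type: "oauth2", ownerId: "u1", token: "tok-u1" }],
  ["c2", { id: "c2", name: "Slack token", type: "oauth2", ownerId: "u2", token: "tok-u2" }],
]);
const workflows = new Map([
  ["w1", { id: "w1", ownerId: "u1", credentialIds: ["c1"] }],
]);
const sharing = [{ credentialId: "c1", userId: "u2", role: "credential:user" }];

// Role -> permitted actions (assumed role names). Only the owner may overwrite or revoke.
const PERMISSIONS = {
  "credential:read": new Set(["owner", "credential:user"]),
  "credential:update": new Set(["owner"]),
  "credential:revoke": new Set(["owner"]),
};

// Vulnerable pattern: authentication only. The handler trusts the id in the request and
// never checks whether the caller may see this resource, so any logged-in user can read
// (and, with the same pattern, overwrite or revoke) any credential whose id they supply.
function getCredentialUnchecked(user, credentialId) {
  const cred = credentials.get(credentialId);
  if (!cred) return { status: 404 };
  return { status: 200, body: { id: cred.id, name: cred.name, type: cred.type } };
}

// Hardened pattern, step 1: resolve the resource within the caller's scope. A credential the
// caller neither owns nor has a share on resolves to null, exactly like a non-existent one.
function resolveCredentialScope(user, credentialId) {
  const cred = credentials.get(credentialId);
  if (!cred) return null;
  if (cred.ownerId === user.id) return { cred, role: "owner" };
  const share = sharing.find((s) => s.credentialId === credentialId && s.userId === user.id);
  return share ? { cred, role: share.role } : null;
}

// Hardened pattern, step 2: check the resolved role against the requested action.
// Returning 404 for both "not found" and "not yours" keeps the endpoint from acting as
// an oracle for credential ids, names and types.
function authorizeCredential(user, credentialId, action) {
  const scope = resolveCredentialScope(user, credentialId);
  if (!scope || !PERMISSIONS[action].has(scope.role)) return null;
  return scope.cred;
}

function getCredential(user, credentialId) {
  const cred = authorizeCredential(user, credentialId, "credential:read");
  if (!cred) return { status: 404 };
  return { status: 200, body: { id: cred.id, name: cred.name, type: cred.type } };
}

// Overwriting the stored token requires the owner role: a user with a read-only share
// cannot replace it with a token bound to a different account.
function updateCredentialToken(user, credentialId, newToken) {
  const cred = authorizeCredential(user, credentialId, "credential:update");
  if (!cred) return { status: 404 };
  cred.token = newToken;
  return { status: 200 };
}

function revokeCredentialToken(user, credentialId) {
  const cred = authorizeCredential(user, credentialId, "credential:revoke");
  if (!cred) return { status: 404 };
  cred.token = null;
  return { status: 204 };
}

// The same rule on the workflow side: the credential ids a workflow references are listed
// only to the workflow's owner, so private workflows cannot be enumerated through it.
function listWorkflowCredentials(user, workflowId) {
  const wf = workflows.get(workflowId);
  if (!wf || wf.ownerId !== user.id) return { status: 404 };
  return { status: 200, body: [...wf.credentialIds] };
}

// Stand-alone demonstration: the unrelated user u3 sees c1 through the unchecked handler
// but gets 404 from the scoped one.
console.log("unchecked:", getCredentialUnchecked({ id: "u3" }, "c1").status);
console.log("scoped:", getCredential({ id: "u3" }, "c1").status);
```

The design point is that the scope resolution (`resolveCredentialScope`) and the action check (`authorizeCredential`) sit in front of every handler that reads, overwrites or revokes a credential, rather than being added to some endpoints and forgotten on others; a single shared gate is also the natural place to log denied requests, which gives detection a signal for id-probing against these endpoints.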


How to mitigate CVE-2026-54305

Install the security update from the vendor's website.

Sources