Exposure of Data Element to Wrong Session in n8n - CVE-2026-54311

 


Published: June 16, 2026


Vulnerability identifier: #VU134567
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-54311
CWE-ID: CWE-488
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: n8n
Affected software:
n8n

Detailed vulnerability description

The vulnerability allows a remote user to disclose sensitive information.

The vulnerability exists due to improper access control in the Merge node SQL Query mode sandbox when executing workflows containing the Merge node in SQL Query mode. A remote user can create or modify a workflow that pollutes the cached sandbox context to disclose sensitive information.

This issue affects multi-user instances where more than one user can create and execute workflows containing the Merge node in SQL Query mode.
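To scope exposure on a multi-user instance, the following added example (not part of the advisory and not n8n's own code) lists workflows in a parsed workflow export that contain a Merge node in SQL Query mode. The node type string `n8n-nodes-base.merge`, the mode value `combineBySql`, and the export shape are assumptions to confirm against your own export; the sample data is constructed.

```javascript
// Assumed identifiers (not stated in the advisory; confirm against your own export).
const MERGE_TYPE = 'n8n-nodes-base.merge';
const SQL_MODE = 'combineBySql';

// Accepts parsed export JSON: a single workflow object or an array of them.
// Returns one finding per workflow that has at least one Merge node in SQL Query mode.
function findSqlMergeWorkflows(exported) {
  const workflows = Array.isArray(exported) ? exported : [exported];
  const findings = [];
  for (const wf of workflows) {
    // Tolerate malformed entries: a workflow without a nodes array has nothing to flag.
    const nodes = Array.isArray(wf && wf.nodes) ? wf.nodes : [];
    const hits = nodes.filter(
      (n) => n && n.type === MERGE_TYPE && n.parameters && n.parameters.mode === SQL_MODE
    );
    if (hits.length === 0) continue;
    findings.push({
      id: wf.id ?? null,
      name: wf.name ?? '(unnamed)',
      active: wf.active === true,
      // Disabled nodes are reported too, since re-enabling one restores the exposure.
      nodes: hits.map((n) => ({ name: n.name, disabled: n.disabled === true })),
    });
  }
  // Active workflows first, since they execute on their triggers.
  return findings.sort((a, b) => Number(b.active) - Number(a.active));
}

// Constructed sample export (not real data).
const sampleExport = [
  { id: 'wf-1', name: 'Nightly report', active: false, nodes: [
    { name: 'Merge', type: MERGE_TYPE, parameters: { mode: 'append' } }] },
  { id: 'wf-2', name: 'Join CRM and billing', active: true, nodes: [
    { name: 'Webhook', type: 'n8n-nodes-base.webhook', parameters: {} },
    { name: 'Merge SQL', type: MERGE_TYPE, parameters: { mode: SQL_MODE } }] },
  { id: 'wf-3', name: 'Draft', active: false, nodes: [
    { name: 'Old merge', type: MERGE_TYPE, disabled: true, parameters: { mode: SQL_MODE } }] },
  { id: 'wf-4', name: 'Empty' },
];

for (const f of findSqlMergeWorkflows(sampleExport)) {
  const nodeList = f.nodes.map((n) => (n.disabled ? `${n.name} (disabled)` : n.name));
  console.log(`${f.active ? 'ACTIVE  ' : 'inactive'} ${f.id} "${f.name}": ${nodeList.join(', ')}`);
}
```

Workflows flagged here matter only when more than one user can create and execute them, which is the condition the advisory gives for the issue.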


How to mitigate CVE-2026-54311

Install the security update from the vendor's website.
