Improper access control in n8n - #VU135226
Published: June 25, 2026
n8n
Detailed vulnerability description
The vulnerability allows a remote user to disclose sensitive information.
The vulnerability exists due to improper access control in the AI Agents MCP connector when processing agent requests to arbitrary URLs. A remote user can point an MCP tool at an external server they control and run the agent to disclose sensitive information.
Only instances with the AI Agents module enabled and a shared credential with domain restrictions are vulnerable.
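The advisory does not publish the affected code. As an added example (not n8n code), the following fail-closed check attaches a domain-restricted credential to an outbound MCP request only when the target host is on the credential's allow-list. The `allowedDomains` field, the function names, and all sample values are assumptions constructed for illustration.

```javascript
// Added illustration, not n8n source. Credential shape and names are hypothetical.

// Constructed sample credential: a bearer token limited to specific hosts.
const SAMPLE_CREDENTIAL = {
  token: 'constructed-token',
  allowedDomains: ['api.example.com', '*.internal.example'],
};

// Compare a hostname against one allow-list entry.
// Supports exact names and a single leading "*." wildcard.
function hostMatches(host, pattern) {
  const h = host.toLowerCase().replace(/\.$/, ''); // drop trailing root dot
  const p = pattern.toLowerCase();
  if (p.startsWith('*.')) {
    const suffix = p.slice(1); // ".internal.example"
    // Require at least one label before the suffix, so the bare
    // parent domain and look-alikes such as "badinternal.example" fail.
    return h.length > suffix.length && h.endsWith(suffix);
  }
  return h === p;
}

// Decide whether the credential may be sent to targetUrl. Fails closed.
function mayAttachCredential(credential, targetUrl) {
  let url;
  try {
    url = new URL(targetUrl);
  } catch {
    return false; // unparseable URL: never send the secret
  }
  if (url.protocol !== 'https:') return false; // no cleartext transport
  if (url.username || url.password) return false; // "allowed.host@other.host" confusion
  const allowed = credential.allowedDomains;
  if (!Array.isArray(allowed) || allowed.length === 0) return false;
  // Match on the parsed hostname, never on a substring of the raw URL.
  return allowed.some((pattern) => hostMatches(url.hostname, pattern));
}

// Build request headers for a tool call; the secret is added only after the check.
function buildHeaders(credential, targetUrl) {
  const headers = { accept: 'application/json' };
  if (mayAttachCredential(credential, targetUrl)) {
    headers.authorization = `Bearer ${credential.token}`;
  }
  return headers;
}
```

The check belongs at the point where the request is actually dispatched, so that every caller of the credential, including agent-driven tool calls, passes through it.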