n8n
npm69 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting n8npage 1 of 2
- CVE-2023-27562MEDIUMCVSS 6.5EG 6.5✓ Fixed in 0.216.12023-05-10
The n8n package 0.218.0 for Node.js allows Directory Traversal.
- CVE-2023-27563HIGHCVSS 8.8EG 8.8✓ Fixed in 0.216.12023-05-10
The n8n package 0.218.0 for Node.js allows Escalation of Privileges.
- CVE-2023-27564HIGHCVSS 7.5EG 7.5✓ Fixed in 0.216.12023-05-10
The n8n package 0.218.0 for Node.js allows Information Disclosure.
- CVE-2025-46343MEDIUMCVSS 5.0EG 5.0✓ Fixed in 1.90.02025-04-29
n8n is a workflow automation platform. Prior to version 1.90.0, n8n is vulnerable to stored cross-site scripting (XSS) through the attachments view endpoint. n8n workflows can store and serve binary files, which are accessible to authentic…
- CVE-2025-49592MEDIUMCVSS 4.6EG 4.6✓ Fixed in 1.98.02025-06-26
n8n is a workflow automation platform. Versions prior to 1.98.0 have an Open Redirect vulnerability in the login flow. Authenticated users can be redirected to untrusted, attacker-controlled domains after logging in, by crafting malicious …
- CVE-2025-49595MEDIUMCVSS 4.9EG 4.9✓ Fixed in 1.99.02025-07-03
n8n is a workflow automation platform. Prior to version 1.99.0, there is a denial of Service vulnerability in /rest/binary-data endpoint when processing empty filesystem URIs (filesystem:// or filesystem-v2://). This allows authenticated a…
- CVE-2025-52478HIGHCVSS 8.7EG 8.7✓ Fixed in 1.98.22025-08-19
n8n is a workflow automation platform. From 1.77.0 to before 1.98.2, a stored Cross-Site Scripting (XSS) vulnerability was identified in n8n, specifically in the Form Trigger node's HTML form element. An authenticated attacker can inject m…
- CVE-2025-52554MEDIUMCVSS 4.3EG 4.3✓ Fixed in 1.99.12025-07-03
n8n is a workflow automation platform. Prior to version 1.99.1, an authorization vulnerability was discovered in the /rest/executions/:id/stop endpoint of n8n. An authenticated user can stop workflow executions that they do not own or that…
- CVE-2025-57749MEDIUMCVSS 6.5EG 6.5✓ Fixed in 1.106.02025-08-20
n8n is a workflow automation platform. Before 1.106.0, a symlink traversal vulnerability was discovered in the Read/Write File node in n8n. While the node attempts to restrict access to sensitive directories and files, it does not properly…
- CVE-2025-58177MEDIUMCVSS 5.4EG 5.4✓ Fixed in 1.107.02025-09-15
n8n is an open source workflow automation platform. From 1.24.0 to before 1.107.0, there is a stored cross-site scripting (XSS) vulnerability in @n8n/n8n-nodes-langchain.chatTrigger. An authorized user can configure the LangChain Chat Trig…
- CVE-2025-61914HIGHCVSS 7.3EG 7.3✓ Fixed in 1.114.02025-12-26
n8n is an open source workflow automation platform. Prior to version 1.114.0, a stored Cross-Site Scripting (XSS) vulnerability may occur in n8n when using the “Respond to Webhook” node. When this node responds with HTML content contai…
- CVE-2025-61917HIGHCVSS 7.7EG 7.7✓ Fixed in 1.114.32026-02-04
n8n is an open source workflow automation platform. From version 1.65.0 to before 1.114.3, the use of Buffer.allocUnsafe() and Buffer.allocUnsafeSlow() in the task runner allowed untrusted code to allocate uninitialized memory. Such uninit…
- CVE-2025-62726HIGHCVSS 8.8EG 8.8✓ Fixed in 1.113.02025-10-30
n8n is an open source workflow automation platform. Prior to 1.113.0, a remote code execution vulnerability exists in the Git Node component available in both Cloud and Self-Hosted versions of n8n. When a malicious actor clones a remote re…
- CVE-2025-65964HIGHCVSS 8.8EG 8.8✓ Fixed in 1.119.22025-12-09
n8n is an open source workflow automation platform. Versions 0.123.1 through 1.119.1 do not have adequate protections to prevent RCE through the project's pre-commit hooks. The Add Config operation allows workflows to set arbitrary Git con…
- CVE-2025-68613CRITICALCVSS 9.9EG 9.9⚠ KEV✓ Fixed in 1.121.12025-12-19
n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulnerability in their workflow expression evaluation system. Unde…
- CVE-2025-68668CRITICALCVSS 9.9EG 9.9✓ Fixed in 2.0.02025-12-26
n8n is an open source workflow automation platform. From version 1.0.0 to before 2.0.0, a sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide. An authenticated user with permission to create or modify workflows ca…
- CVE-2025-68697HIGHCVSS 7.1EG 7.1✓ Fixed in 2.0.02025-12-26
n8n is an open source workflow automation platform. Prior to version 2.0.0, in self-hosted n8n instances where the Code node runs in legacy (non-task-runner) JavaScript execution mode, authenticated users with workflow editing access can i…
- CVE-2025-68949MEDIUMCVSS 5.3EG 5.3✓ Fixed in 2.2.02026-01-13
n8n is an open source workflow automation platform. From 1.36.0 to before 2.2.0, the Webhook node’s IP whitelist validation performed partial string matching instead of exact IP comparison. As a result, an incoming request could be accep…
- CVE-2025-71380HIGHCVSS 8.8EG 8.82026-07-04
The Execute Command node in n8n allows authenticated users to execute arbitrary commands on the host system where n8n runs. Attackers with user access or compromised credentials can exploit this node to run malicious commands, potentially …
- CVE-2026-1470CRITICALCVSS 9.9EG 9.9✓ Fixed in 2.5.12026-01-27
n8n contains a critical Remote Code Execution (RCE) vulnerability in its workflow Expression evaluation system. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not …
- CVE-2026-21858CRITICALCVSS 10.0EG 10.0✓ Fixed in 1.121.02026-01-08
n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could …
- CVE-2026-21877CRITICALCVSS 9.9EG 9.9✓ Fixed in 1.121.32026-01-08
n8n is an open source workflow automation platform. In versions 0.121.2 and below, an authenticated attacker may be able to execute malicious code using the n8n service. This could result in full compromise and can impact both self-hosted …
- CVE-2026-21893HIGHCVSS 7.2EG 7.2✓ Fixed in 1.120.32026-02-04
n8n is an open source workflow automation platform. From version 0.187.0 to before 1.120.3, a command injection vulnerability was identified in n8n’s community package installation functionality. The issue allowed authenticated users wit…
- CVE-2026-21894MEDIUMCVSS 6.5EG 6.5✓ Fixed in 2.2.22026-01-08
n8n is an open source workflow automation platform. In versions from 0.150.0 to before 2.2.2, an authentication bypass vulnerability in the Stripe Trigger node allows unauthenticated parties to trigger workflows by sending forged Stripe we…
- CVE-2026-25049CRITICALCVSS 9.9EG 9.9✓ Fixed in 2.5.22026-02-04
n8n is an open source workflow automation platform. Prior to versions 1.123.17 and 2.5.2, an authenticated user with permission to create or modify workflows could abuse crafted expressions in workflow parameters to trigger unintended syst…
- CVE-2026-25051MEDIUMCVSS 5.4EG 5.4✓ Fixed in 1.122.52026-02-04
n8n is an open source workflow automation platform. Prior to version 1.123.2, a Cross-Site Scripting (XSS) vulnerability has been identified in the handling of webhook responses and related HTTP endpoints. Under certain conditions, the Con…
- CVE-2026-25052CRITICALCVSS 9.9EG 9.9✓ Fixed in 1.123.182026-02-04
n8n is an open source workflow automation platform. Prior to versions 1.123.18 and 2.5.0, a vulnerability in the file access controls allows authenticated users with permission to create or modify workflows to read sensitive files from the…
- CVE-2026-25053CRITICALCVSS 9.9EG 9.9✓ Fixed in 1.123.102026-02-04
n8n is an open source workflow automation platform. Prior to versions 1.123.10 and 2.5.0, vulnerabilities in the Git node allowed authenticated users with permission to create or modify workflows to execute arbitrary system commands or rea…
- CVE-2026-25054MEDIUMCVSS 5.4EG 5.4✓ Fixed in 1.123.92026-02-04
n8n is an open source workflow automation platform. Prior to versions 1.123.9 and 2.2.1, a Cross-Site Scripting (XSS) vulnerability existed in a markdown rendering component used in n8n's interface, including workflow sticky notes and othe…
- CVE-2026-25055HIGHCVSS 8.1EG 8.1✓ Fixed in 1.123.122026-02-04
n8n is an open source workflow automation platform. Prior to versions 1.123.12 and 2.4.0, when workflows process uploaded files and transfer them to remote servers via the SSH node without validating their metadata the vulnerability can le…
- CVE-2026-25056HIGHCVSS 8.8EG 8.8✓ Fixed in 2.4.02026-02-04
n8n is an open source workflow automation platform. Prior to versions 1.118.0 and 2.4.0, a vulnerability in the Merge node's SQL Query mode allowed authenticated users with permission to create or modify workflows to write arbitrary files …
- CVE-2026-25115CRITICALCVSS 9.9EG 9.9✓ Fixed in 2.4.82026-02-04
n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security bo…
- CVE-2026-25631MEDIUMCVSS 6.5EG 6.5✓ Fixed in 1.121.02026-02-06
n8n is an open source workflow automation platform. Prior to 1.121.0, there is a vulnerability in the HTTP Request node's credential domain validation allowed an authenticated attacker to send requests with credentials to unintended domain…
- CVE-2026-42226HIGHCVSS 7.5EG 7.5✓ Fixed in 1.123.332026-05-04
n8n is an open source workflow automation platform. Prior to versions 1.123.33 and 2.17.5, the dynamic-node-parameters endpoints did not verify whether the authenticated caller was authorized to use a supplied credential reference. An auth…
- CVE-2026-42227MEDIUMCVSS 6.5EG 6.5✓ Fixed in 2.17.42026-05-04
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with a valid API key scoped to variable:list could read variables from projects they are not a member of by supplying…
- CVE-2026-42228MEDIUMCVSS 6.5EG 6.5✓ Fixed in 2.17.42026-05-04
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /chat WebSocket endpoint used by the Chat Trigger node's Hosted Chat feature did not verify that an incoming connection was authorized …
- CVE-2026-42229HIGHCVSS 8.8EG 8.8✓ Fixed in 2.17.42026-05-04
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, a flaw in the SeaTable node's row:search and row:get operations allowed user-controlled input to be concatenated directly into SQL query st…
- CVE-2026-42230MEDIUMCVSS 6.1EG 6.1✓ Fixed in 2.17.42026-05-04
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /mcp-oauth/register endpoint accepted OAuth client registrations without authentication, allowing arbitrary redirect_uri values to be r…
- CVE-2026-42231HIGHCVSS 8.8EG 8.8✓ Fixed in 2.17.42026-05-04
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, a flaw in the xml2js library used to parse XML request bodies in n8n's webhook handler allowed prototype pollution via a crafted XML payloa…
- CVE-2026-42232HIGHCVSS 8.8EG 8.8✓ Fixed in 1.123.322026-05-04
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows could achieve global prototype pollution via the XML Node leading to RC…
- CVE-2026-42233CRITICALCVSS 9.8EG 9.8✓ Fixed in 2.17.42026-05-04
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, a flaw in the Oracle Database node's select operation allowed user-controlled input passed into the Limit field via expressions to be inter…
- CVE-2026-42234HIGHCVSS 8.8EG 8.8✓ Fixed in 2.17.42026-05-04
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows containing a Python Code Node could escape the sandbox and achieve arbi…
- CVE-2026-42235CRITICALCVSS 9.6EG 9.6✓ Fixed in 2.17.42026-05-04
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an unauthenticated attacker could register a malicious MCP OAuth client with a crafted client_name. If a victim user authorized the OAuth c…
- CVE-2026-42236HIGHCVSS 7.5EG 7.5✓ Fixed in 2.17.42026-05-04
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the MCP OAuth client registration endpoint accepted unauthenticated requests and stored client data without adequate resource controls. An …
- CVE-2026-42237HIGHCVSS 8.8EG 8.8✓ Fixed in 2.17.42026-05-04
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the fix for GHSA-f3f2-mcxc-pwjx did not cover the Snowflake node or the legacy MySQL v1 node. Both nodes construct SQL queries by directly …
- CVE-2026-44790HIGHCVSS 8.8EG 8.8✓ Fixed in 1.123.432026-06-23
n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with permission to create or modify workflows could inject CLI flags on the Git node's Push operation allowing an attacker to …
- CVE-2026-44791CRITICALCVSS 9.9EG 9.9✓ Fixed in 1.123.432026-06-23
n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with permission to create or modify workflows could bypass the patch for CVE-2026-42232 in the XML node. When combined with ot…
- CVE-2026-44792CRITICALCVSS 9.0EG 9.0✓ Fixed in 1.123.432026-06-23
n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an attacker with write access to the git repository connected to an n8n Source Control configuration could commit a malicious Data Table JSON file c…
- CVE-2026-49444HIGHCVSS 8.5EG 8.5✓ Fixed in 2.21.82026-06-16
n8n is an open source workflow automation platform. Prior to 1.123.48, 2.21.8, and 2.22.4, an authenticated user with permission to create or modify workflows containing a Python Code Node could escape the sandbox and achieve arbitrary cod…
- CVE-2026-49465HIGHCVSS 7.7EG 7.7✓ Fixed in 2.21.82026-06-16
n8n is an open source workflow automation platform. Prior to 1.123.48, 2.21.8, and 2.22.4, an authenticated user with permission to create or modify workflows could supply a local filesystem path as the source repository in the Git node's …
Check whether n8n is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for n8n CVEs against the assets you own.
Start Free Scan →