n8n

65 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-42237
< 1.123.32
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the fix for GHSA-f3f2-mcxc-pwj
8.8 HIGH
CVE-2026-42236
< 1.123.32
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the MCP OAuth client registrat
7.5 HIGH
CVE-2026-42235
< 1.123.32
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an unauthenticated attacker co
9.6 CRITICAL
CVE-2026-42234
< 1.123.32
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with per
8.8 HIGH
CVE-2026-42233
< 1.123.32
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, a flaw in the Oracle Database
9.8 CRITICAL
CVE-2026-42232
< 1.123.32
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with per
8.8 HIGH
CVE-2026-42231
< 1.123.32
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, a flaw in the xml2js library u
8.8 HIGH
CVE-2026-42230
< 1.123.32
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /mcp-oauth/register endpoi
6.1 MEDIUM
CVE-2026-42229
< 1.123.32
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, a flaw in the SeaTable node's
8.8 HIGH
CVE-2026-42228
< 1.123.32
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /chat WebSocket endpoint u
6.5 MEDIUM
CVE-2026-42227
< 1.123.32
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with a v
6.5 MEDIUM
CVE-2026-42226
< 1.123.33
n8n is an open source workflow automation platform. Prior to versions 1.123.33 and 2.17.5, the dynamic-node-parameters endpoints d
7.5 HIGH
CVE-2026-33751
< 1.123.27
n8n is an open source workflow automation platform. Prior to versions 1.123.27, 2.13.3, and 2.14.1, a flaw in the LDAP node's filt
4.8 MEDIUM
CVE-2026-33749
< 1.123.27
n8n is an open source workflow automation platform. Prior to versions 1.123.27, 2.13.3, and 2.14.1, an authenticated user with per
9.0 CRITICAL
CVE-2026-33724
< 2.5.0
n8n is an open source workflow automation platform. Prior to version 2.5.0, when the Source Control feature is configured to use S
7.4 HIGH
CVE-2026-33722
< 1.123.23
n8n is an open source workflow automation platform. Prior to versions 2.6.4 and 1.123.23, an authenticated user without permission
5.3 MEDIUM
CVE-2026-33720
< 2.8.0
n8n is an open source workflow automation platform. Prior to version 2.8.0, when the N8N_SKIP_AUTH_ON_OAUTH_CALLBACK environment
4.2 MEDIUM
CVE-2026-33713
< 1.123.26
n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.26, an authenticated user with per
8.8 HIGH
CVE-2026-33696
< 1.123.27
n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.27, an authenticated user with per
8.8 HIGH
CVE-2026-33665
< 1.121.0
n8n is an open source workflow automation platform. Prior to versions 2.4.0 and 1.121.0, when LDAP authentication is enabled, n8n
7.5 HIGH
CVE-2026-33663
< 1.123.27
n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.27, an authenticated user with the
6.5 MEDIUM
CVE-2026-33660
< 1.123.27
n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.26, an authenticated user with per
8.8 HIGH
CVE-2026-27496
< 1.123.22
n8n is an open source workflow automation platform. Prior to versions 1.123.22, 2.9.3, and 2.10.1, an authenticated user with perm
6.5 MEDIUM
CVE-2026-27578
< 1.123.22
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with perm
5.4 MEDIUM
CVE-2026-27577
< 1.123.22
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, additional exploits in the expr
9.9 CRITICAL
CVE-2026-27498
< 1.123.8
n8n is an open source workflow automation platform. Prior to versions 2.2.0 and 1.123.8, an authenticated user with permission to
8.8 HIGH
CVE-2026-27497
< 1.123.22
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with perm
8.8 HIGH
CVE-2026-27495
< 1.123.22
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with perm
9.9 CRITICAL
CVE-2026-27494
< 1.123.22
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with perm
9.9 CRITICAL
CVE-2026-27493
< 1.123.22
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, a second-order expression injec
9.0 CRITICAL
CVE-2026-25631
< 1.121.0
n8n is an open source workflow automation platform. Prior to 1.121.0, there is a vulnerability in the HTTP Request node's credenti
6.5 MEDIUM
CVE-2026-21893
>= 0.187.0 and < 1.120.3
n8n is an open source workflow automation platform. From version 0.187.0 to before 1.120.3, a command injection vulnerability was
7.2 HIGH
CVE-2026-25115
< 2.4.8
n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authent
9.9 CRITICAL
CVE-2026-25056
< 1.118.0
n8n is an open source workflow automation platform. Prior to versions 1.118.0 and 2.4.0, a vulnerability in the Merge node's SQL Q
8.8 HIGH
CVE-2026-25055
< 1.123.12
n8n is an open source workflow automation platform. Prior to versions 1.123.12 and 2.4.0, when workflows process uploaded files an
8.1 HIGH
CVE-2026-25054
< 1.123.9
n8n is an open source workflow automation platform. Prior to versions 1.123.9 and 2.2.1, a Cross-Site Scripting (XSS) vulnerabilit
5.4 MEDIUM
CVE-2026-25053
< 1.123.0
n8n is an open source workflow automation platform. Prior to versions 1.123.10 and 2.5.0, vulnerabilities in the Git node allowed
9.9 CRITICAL
CVE-2026-25052
< 1.123.18
n8n is an open source workflow automation platform. Prior to versions 1.123.18 and 2.5.0, a vulnerability in the file access contr
9.9 CRITICAL
CVE-2026-25051
< 1.123.2
n8n is an open source workflow automation platform. Prior to version 1.123.2, a Cross-Site Scripting (XSS) vulnerability has been
5.4 MEDIUM
CVE-2026-25049
< 1.123.17
n8n is an open source workflow automation platform. Prior to versions 1.123.17 and 2.5.2, an authenticated user with permission to
9.9 CRITICAL
CVE-2025-61917
>= 1.65.0 and < 1.114.3
n8n is an open source workflow automation platform. From version 1.65.0 to before 1.114.3, the use of Buffer.allocUnsafe() and Buf
7.7 HIGH
CVE-2026-1470
< 1.123.17
n8n contains a critical Remote Code Execution (RCE) vulnerability in its workflow Expression evaluation system. Expressions suppli
9.9 CRITICAL
CVE-2026-0863
<= 1.123.14
Using string formatting and exception handling, an attacker may bypass n8n's python-task-executor sandbox restrictions and run arb
8.5 HIGH
CVE-2025-68949
>= 1.36.0 and < 2.2.0
n8n is an open source workflow automation platform. From 1.36.0 to before 2.2.0, the Webhook node's IP whitelist validation perf
5.3 MEDIUM
CVE-2026-21894
>= 0.150.0 and < 2.2.2
n8n is an open source workflow automation platform. In versions from 0.150.0 to before 2.2.2, an authentication bypass vulnerabili
6.5 MEDIUM
CVE-2026-21877
>= 0.123.0 and < 1.121.3
n8n is an open source workflow automation platform. In versions 0.121.2 and below, an authenticated attacker may be able to execut
9.9 CRITICAL
CVE-2026-21858
>= 1.65.0 and < 1.121.0
n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access f
10.0 CRITICAL
CVE-2025-68697
< 2.0.0
n8n is an open source workflow automation platform. Prior to version 2.0.0, in self-hosted n8n instances where the Code node runs
7.1 HIGH
CVE-2025-68668
>= 1.0.0 and < 2.0.0
n8n is an open source workflow automation platform. From version 1.0.0 to before 2.0.0, a sandbox bypass vulnerability exists in t
9.9 CRITICAL
CVE-2025-61914
< 1.114.0
n8n is an open source workflow automation platform. Prior to version 1.114.0, a stored Cross-Site Scripting (XSS) vulnerability ma
7.3 HIGH
CVE-2025-68613
>= 0.211.0 and < 1.120.4
n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 cont
9.9 CRITICAL
CVE-2025-65964
>= 0.123.1 and < 1.119.2
n8n is an open source workflow automation platform. Versions 0.123.1 through 1.119.1 do not have adequate protections to prevent R
8.8 HIGH
CVE-2025-62726
< 1.113.0
n8n is an open source workflow automation platform. Prior to 1.113.0, a remote code execution vulnerability exists in the Git Node
8.8 HIGH
CVE-2025-58177
>= 1.24.0 and < 1.107.0
n8n is an open source workflow automation platform. From 1.24.0 to before 1.107.0, there is a stored cross-site scripting (XSS) vu
5.4 MEDIUM
CVE-2025-56265
all versions
An arbitrary file upload vulnerability in the Chat Trigger component of N8N v1.95.3, v1.100.1, and v1.101.1 allows attackers to ex
8.8 HIGH
CVE-2025-55526
all versions
n8n-workflows Main Commit ee25413 allows attackers to execute a directory traversal via the download_workflow function within api_
9.1 CRITICAL
CVE-2025-57749
< 1.106.0
n8n is a workflow automation platform. Before 1.106.0, a symlink traversal vulnerability was discovered in the Read/Write File nod
6.5 MEDIUM
CVE-2025-52478
>= 1.77.0 and < 1.98.2
n8n is a workflow automation platform. From 1.77.0 to before 1.98.2, a stored Cross-Site Scripting (XSS) vulnerability was identif
8.7 HIGH
CVE-2025-52554
< 1.99.1
n8n is a workflow automation platform. Prior to version 1.99.1, an authorization vulnerability was discovered in the /rest/executi
4.3 MEDIUM
CVE-2025-49595
< 1.99.0
n8n is a workflow automation platform. Prior to version 1.99.0, there is a denial of Service vulnerability in /rest/binary-data en
4.9 MEDIUM
CVE-2025-49592
< 1.98.0
n8n is a workflow automation platform. Versions prior to 1.98.0 have an Open Redirect vulnerability in the login flow. Authenticat
4.6 MEDIUM
CVE-2025-46343
< 1.90.0
n8n is a workflow automation platform. Prior to version 1.90.0, n8n is vulnerable to stored cross-site scripting (XSS) through the
5.0 MEDIUM
CVE-2023-27564
all versions
The n8n package 0.218.0 for Node.js allows Information Disclosure.
7.5 HIGH
CVE-2023-27563
all versions
The n8n package 0.218.0 for Node.js allows Escalation of Privileges.
8.8 HIGH
CVE-2023-27562
all versions
The n8n package 0.218.0 for Node.js allows Directory Traversal.
6.5 MEDIUM
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin