VYPR
High severity · 8.9 · GHSA Advisory · Published Jun 16, 2026 · Updated Jun 16, 2026

n8n: Cross-Tenant Credential Takeover via Dynamic Credentials EE Endpoints

CVE-2026-54305

Description

Authenticated users can enumerate, hijack, or revoke OAuth credentials of other users via Dynamic Credentials EE endpoints in n8n Enterprise.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

The Dynamic Credentials feature in n8n Enterprise exposes three endpoints that fail to enforce per-resource ownership or scope checks. Any authenticated user can enumerate credential identifiers, names, and types referenced by any private workflow, initiate an OAuth authorization flow against another user's credential to overwrite its stored tokens, or revoke another user's credential tokens entirely. This affects all versions prior to 1.123.55, 2.25.7, and 2.26.2 when the Dynamic Credentials feature is enabled [1][2].

Exploitation

An attacker needs only an authenticated n8n session with no special project membership or credential sharing relationship. By sending crafted requests to the vulnerable EE endpoints, the attacker can enumerate credential metadata, then trigger an OAuth flow that binds the victim's credential to the attacker's external account, or directly revoke the stored tokens. No user interaction from the victim is required [1][2].

Impact

Successful exploitation allows the attacker to take over OAuth credentials belonging to other users. Workflows relying on a hijacked credential will execute under the attacker's OAuth identity, enabling data exfiltration to attacker-controlled external services and persistent integration takeover. Token revocation breaks affected workflows entirely. The compromise is cross-tenant and can affect all workflows using the targeted credential [1][2].

Mitigation

The vulnerability is fixed in n8n versions 1.123.55, 2.25.7, and 2.26.2 (released 2026-06-16). Users should upgrade immediately. If upgrading is not possible, administrators can restrict instance access to fully trusted users or disable the Dynamic Credentials feature by unsetting N8N_ENV_FEAT_DYNAMIC_CREDENTIALS. These workarounds are temporary and do not fully remediate the risk [1][2].
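As an added example (not VYPR's or n8n's code), the check below turns the advisory's fixed-version list and the N8N_ENV_FEAT_DYNAMIC_CREDENTIALS workaround into a branch-aware exposure assessment an administrator can run against an instance's version string and environment. It assumes plain `major.minor.patch` version strings (optionally prefixed with `v`), that a set flag with a value other than an empty string, `0` or `false` means the feature is enabled (the advisory only says unsetting it disables the feature), and that release branches newer than 2.26 are not affected; none of those three assumptions is stated on the page.

```python
"""Branch-aware exposure check for CVE-2026-54305 (added example, not VYPR's or n8n's code)."""
from __future__ import annotations

from typing import Mapping, Optional

# First fixed release on each branch, exactly as stated in the advisory.
FIXED_VERSIONS = {
    "1.x": (1, 123, 55),
    "2.x up to 2.25": (2, 25, 7),
    "2.x from 2.26": (2, 26, 2),
}

# Feature flag named in the advisory's workaround.
FEATURE_FLAG = "N8N_ENV_FEAT_DYNAMIC_CREDENTIALS"


def parse_version(text: str) -> tuple[int, int, int]:
    """Parse '1.123.54' or 'v2.25.6' into a comparable tuple; reject anything else.

    Assumption: n8n versions are three dotted integers with an optional leading 'v'.
    """
    parts = text.strip().lstrip("v").split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unsupported n8n version string: {text!r}")
    return (int(parts[0]), int(parts[1]), int(parts[2]))


def fixed_version_for(version: tuple[int, int, int]) -> Optional[tuple[int, int, int]]:
    """Return the fixed release on the same branch, or None when the branch is not listed."""
    major, minor, _ = version
    if major == 1:
        return FIXED_VERSIONS["1.x"]
    if major == 2:
        return FIXED_VERSIONS["2.x up to 2.25"] if minor <= 25 else FIXED_VERSIONS["2.x from 2.26"]
    return None  # assumption: branches newer than 2.x are not affected


def version_is_vulnerable(version_text: str) -> bool:
    """True when the build predates the fix for its branch."""
    version = parse_version(version_text)
    fixed = fixed_version_for(version)
    return fixed is not None and version < fixed


def feature_enabled(env: Mapping[str, str]) -> bool:
    """Assumption: a set flag with a value other than '', '0' or 'false' enables the feature."""
    value = env.get(FEATURE_FLAG, "").strip().lower()
    return value not in ("", "0", "false")


def assess(version_text: str, env: Mapping[str, str]) -> str:
    """Classify an instance as 'patched', 'mitigated' (vulnerable build, feature off) or 'exposed'."""
    if not version_is_vulnerable(version_text):
        return "patched"
    return "exposed" if feature_enabled(env) else "mitigated"


if __name__ == "__main__":
    # Constructed sample inputs; on a real host use the instance version and os.environ.
    samples = [
        ("1.123.54", {FEATURE_FLAG: "true"}),
        ("2.26.1", {}),
        ("v2.26.2", {FEATURE_FLAG: "true"}),
    ]
    for ver, env in samples:
        print(f"{ver:>9} {env or '{}'} -> {assess(ver, env)}")
```

A result of `mitigated` only reflects the temporary workaround; as the advisory says, the instance should still be upgraded to the fixed release for its branch.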

AI Insight generated on Jun 16, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 1

Patches: 0. No patches discovered yet.

Vulnerability mechanics: no source-code context for this CVE. Mechanics are only generated when the actual fix diff can be read; without it, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References: 2

News mentions: 1