N8n
by N8n Io
Source repositories
CVEs (86)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-33751 | 0.00 | — | 0.00 | Mar 25, 2026 | n8n is an open source workflow automation platform. Prior to versions 1.123.27, 2.13.3, and 2.14.1, a flaw in the LDAP node's filter escape logic allowed LDAP metacharacters to pass through unescaped when user-controlled input was interpolated into LDAP search filters. In… | |||
| CVE-2026-33749 | 0.00 | — | 0.00 | Mar 25, 2026 | n8n is an open source workflow automation platform. Prior to versions 1.123.27, 2.13.3, and 2.14.1, an authenticated user with permission to create or modify workflows could craft a workflow that produces an HTML binary data object without a filename. The `/rest/binary-data`… | |||
| CVE-2026-33724 | 0.00 | — | 0.00 | Mar 25, 2026 | n8n is an open source workflow automation platform. Prior to version 2.5.0, when the Source Control feature is configured to use SSH, the SSH command used for git operations explicitly disabled host key verification. A network attacker positioned between the n8n instance and the… | |||
| CVE-2026-33722 | 0.00 | — | 0.00 | Mar 25, 2026 | n8n is an open source workflow automation platform. Prior to versions 2.6.4 and 1.123.23, an authenticated user without permission to list external secrets could reference a secret by the external name in a credential and retrieve its plaintext value when saving the credential.… | |||
| CVE-2026-33720 | 0.00 | — | 0.00 | Mar 25, 2026 | n8n is an open source workflow automation platform. Prior to version 2.8.0, when the `N8N_SKIP_AUTH_ON_OAUTH_CALLBACK` environment variable is set to `true`, the OAuth callback handler skips ownership verification of the OAuth state parameter. This allows an attacker to trick a… | |||
| CVE-2026-33713 | 0.00 | — | 0.00 | Mar 25, 2026 | n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.26, an authenticated user with permission to create or modify workflows could exploit a SQL injection vulnerability in the Data Table Get node. On default SQLite DB, single statements… | |||
| CVE-2026-33696 | 0.00 | — | 0.01 | Mar 25, 2026 | n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.27, an authenticated user with permission to create or modify workflows could exploit a prototype pollution vulnerability in the XML and the GSuiteAdmin nodes. By supplying a crafted… | |||
| CVE-2026-33665 | 0.00 | — | 0.00 | Mar 25, 2026 | n8n is an open source workflow automation platform. Prior to versions 2.4.0 and 1.121.0, when LDAP authentication is enabled, n8n automatically linked an LDAP identity to an existing local account if the LDAP email attribute matched the local account's email. An authenticated… | |||
| CVE-2026-33660 | 0.00 | — | 0.01 | Mar 25, 2026 | n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.26, an authenticated user with permission to create or modify workflows could use the Merge node's "Combine by SQL" mode to read local files on the n8n host and achieve remote code… | |||
| CVE-2026-27496 | 0.00 | — | 0.00 | Mar 25, 2026 | n8n is an open source workflow automation platform. Prior to versions 1.123.22, 2.9.3, and 2.10.1, an authenticated user with permission to create or modify workflows could use the JavaScript Task Runner to allocate uninitialized memory buffers. Uninitialized buffers may contain… | |||
| CVE-2026-27498 | 0.00 | — | 0.01 | Feb 25, 2026 | n8n is an open source workflow automation platform. Prior to versions 2.2.0 and 1.123.8, an authenticated user with permission to create or modify workflows could chain the Read/Write Files from Disk node with git operations to achieve remote code execution. By writing to… | |||
| CVE-2026-27578 | 0.00 | — | 0.00 | Feb 25, 2026 | n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could inject arbitrary scripts into pages rendered by the n8n application using different techniques on various… | |||
| CVE-2026-27577 | 0.00 | — | 0.10 | Feb 25, 2026 | n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, additional exploits in the expression evaluation of n8n have been identified and patched following CVE-2025-68613. An authenticated user with permission to create or modify… | |||
| CVE-2026-27497 | 0.00 | — | 0.01 | Feb 25, 2026 | n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could leverage the Merge node's SQL query mode to execute arbitrary code and write arbitrary files on the n8n… | |||
| CVE-2026-27495 | 0.00 | — | 0.01 | Feb 25, 2026 | n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the… | |||
| CVE-2026-27494 | 0.00 | — | 0.00 | Feb 25, 2026 | n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could use the Python Code node to escape the sandbox. The sandbox did not sufficiently restrict access to… | |||
| CVE-2026-27493 | 0.00 | — | 0.01 | Feb 25, 2026 | n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, a second-order expression injection vulnerability existed in n8n's Form nodes that could allow an unauthenticated attacker to inject and evaluate arbitrary n8n expressions by… | |||
| CVE-2026-25631 | 0.00 | — | 0.00 | Feb 6, 2026 | n8n is an open source workflow automation platform. Prior to 1.121.0, there is a vulnerability in the HTTP Request node's credential domain validation allowed an authenticated attacker to send requests with credentials to unintended domains, potentially leading to credential… | |||
| CVE-2026-21893 | 0.00 | — | 0.01 | Feb 4, 2026 | n8n is an open source workflow automation platform. From version 0.187.0 to before 1.120.3, a command injection vulnerability was identified in n8n’s community package installation functionality. The issue allowed authenticated users with administrative permissions to execute… | |||
| CVE-2026-25115 | 0.00 | — | 0.01 | Feb 4, 2026 | n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. This issue has been patched in… |
- CVE-2026-33751Mar 25, 2026risk 0.00cvss —epss 0.00
n8n is an open source workflow automation platform. Prior to versions 1.123.27, 2.13.3, and 2.14.1, a flaw in the LDAP node's filter escape logic allowed LDAP metacharacters to pass through unescaped when user-controlled input was interpolated into LDAP search filters. In…
- CVE-2026-33749Mar 25, 2026risk 0.00cvss —epss 0.00
n8n is an open source workflow automation platform. Prior to versions 1.123.27, 2.13.3, and 2.14.1, an authenticated user with permission to create or modify workflows could craft a workflow that produces an HTML binary data object without a filename. The `/rest/binary-data`…
- CVE-2026-33724Mar 25, 2026risk 0.00cvss —epss 0.00
n8n is an open source workflow automation platform. Prior to version 2.5.0, when the Source Control feature is configured to use SSH, the SSH command used for git operations explicitly disabled host key verification. A network attacker positioned between the n8n instance and the…
- CVE-2026-33722Mar 25, 2026risk 0.00cvss —epss 0.00
n8n is an open source workflow automation platform. Prior to versions 2.6.4 and 1.123.23, an authenticated user without permission to list external secrets could reference a secret by the external name in a credential and retrieve its plaintext value when saving the credential.…
- CVE-2026-33720Mar 25, 2026risk 0.00cvss —epss 0.00
n8n is an open source workflow automation platform. Prior to version 2.8.0, when the `N8N_SKIP_AUTH_ON_OAUTH_CALLBACK` environment variable is set to `true`, the OAuth callback handler skips ownership verification of the OAuth state parameter. This allows an attacker to trick a…
- CVE-2026-33713Mar 25, 2026risk 0.00cvss —epss 0.00
n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.26, an authenticated user with permission to create or modify workflows could exploit a SQL injection vulnerability in the Data Table Get node. On default SQLite DB, single statements…
- CVE-2026-33696Mar 25, 2026risk 0.00cvss —epss 0.01
n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.27, an authenticated user with permission to create or modify workflows could exploit a prototype pollution vulnerability in the XML and the GSuiteAdmin nodes. By supplying a crafted…
- CVE-2026-33665Mar 25, 2026risk 0.00cvss —epss 0.00
n8n is an open source workflow automation platform. Prior to versions 2.4.0 and 1.121.0, when LDAP authentication is enabled, n8n automatically linked an LDAP identity to an existing local account if the LDAP email attribute matched the local account's email. An authenticated…
- CVE-2026-33660Mar 25, 2026risk 0.00cvss —epss 0.01
n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.26, an authenticated user with permission to create or modify workflows could use the Merge node's "Combine by SQL" mode to read local files on the n8n host and achieve remote code…
- CVE-2026-27496Mar 25, 2026risk 0.00cvss —epss 0.00
n8n is an open source workflow automation platform. Prior to versions 1.123.22, 2.9.3, and 2.10.1, an authenticated user with permission to create or modify workflows could use the JavaScript Task Runner to allocate uninitialized memory buffers. Uninitialized buffers may contain…
- CVE-2026-27498Feb 25, 2026risk 0.00cvss —epss 0.01
n8n is an open source workflow automation platform. Prior to versions 2.2.0 and 1.123.8, an authenticated user with permission to create or modify workflows could chain the Read/Write Files from Disk node with git operations to achieve remote code execution. By writing to…
- CVE-2026-27578Feb 25, 2026risk 0.00cvss —epss 0.00
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could inject arbitrary scripts into pages rendered by the n8n application using different techniques on various…
- CVE-2026-27577Feb 25, 2026risk 0.00cvss —epss 0.10
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, additional exploits in the expression evaluation of n8n have been identified and patched following CVE-2025-68613. An authenticated user with permission to create or modify…
- CVE-2026-27497Feb 25, 2026risk 0.00cvss —epss 0.01
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could leverage the Merge node's SQL query mode to execute arbitrary code and write arbitrary files on the n8n…
- CVE-2026-27495Feb 25, 2026risk 0.00cvss —epss 0.01
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the…
- CVE-2026-27494Feb 25, 2026risk 0.00cvss —epss 0.00
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could use the Python Code node to escape the sandbox. The sandbox did not sufficiently restrict access to…
- CVE-2026-27493Feb 25, 2026risk 0.00cvss —epss 0.01
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, a second-order expression injection vulnerability existed in n8n's Form nodes that could allow an unauthenticated attacker to inject and evaluate arbitrary n8n expressions by…
- CVE-2026-25631Feb 6, 2026risk 0.00cvss —epss 0.00
n8n is an open source workflow automation platform. Prior to 1.121.0, there is a vulnerability in the HTTP Request node's credential domain validation allowed an authenticated attacker to send requests with credentials to unintended domains, potentially leading to credential…
- CVE-2026-21893Feb 4, 2026risk 0.00cvss —epss 0.01
n8n is an open source workflow automation platform. From version 0.187.0 to before 1.120.3, a command injection vulnerability was identified in n8n’s community package installation functionality. The issue allowed authenticated users with administrative permissions to execute…
- CVE-2026-25115Feb 4, 2026risk 0.00cvss —epss 0.01
n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. This issue has been patched in…
Page 3 of 5