critical advisory

n8n XML Node Prototype Pollution Leading to RCE

A vulnerability in n8n allows authenticated users with workflow creation permissions to achieve remote code execution (RCE) through global prototype pollution via the XML Node in versions prior to 1.123.32, versions 2.17.0 up to but not including 2.17.4, and versions 2.18.0 up to but not including 2.18.1.

A critical vulnerability, CVE-2026-42232, exists within the n8n workflow automation tool. This flaw allows an authenticated user, who possesses permissions to create or modify workflows, to achieve remote code execution (RCE). The attack vector involves exploiting global prototype pollution through the XML Node. Versions affected include those prior to 1.123.32, versions 2.17.0 up to but not including 2.17.4, and versions 2.18.0 up to but not including 2.18.1. Defenders should prioritize patching n8n instances due to the high potential for complete system compromise if exploited.

Attack Chain

  1. An attacker authenticates to an n8n instance with workflow creation/modification privileges.
  2. The attacker crafts a malicious workflow that leverages the XML Node to inject a payload designed to trigger prototype pollution.
  3. The crafted XML node manipulates global object prototypes within the n8n application.
  4. The attacker introduces a property into a global object prototype that can be exploited by another node.
  5. The attacker adds a secondary node (e.g., Function node) that leverages the polluted prototype property.
  6. The secondary node’s execution triggers the polluted prototype, leading to arbitrary code execution.
  7. The attacker executes arbitrary commands on the n8n server.
  8. The attacker gains complete control of the n8n server, potentially leading to data exfiltration, lateral movement, or other malicious activities.

Impact

Successful exploitation of this vulnerability allows an attacker to execute arbitrary code on the n8n server. This can lead to full system compromise, including data exfiltration, credential theft, and lateral movement within the network. Given the nature of n8n as an automation platform, successful attacks can severely impact connected systems and services. This vulnerability affects n8n users who have not upgraded to patched versions.

Recommendation

  • Upgrade n8n to version 1.123.32, 2.17.4, 2.18.1, or later to remediate CVE-2026-42232.
  • As a temporary mitigation, limit workflow creation and editing permissions to only fully trusted users as suggested in the advisory.
  • As a temporary mitigation, disable the XML node by adding n8n-nodes-base.xml to the NODES_EXCLUDE environment variable as suggested in the advisory.
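
The checks in this section can be scripted. The following is an added example, not code from n8n or from the advisory: it tests a version string against the affected ranges listed above, checks whether NODES_EXCLUDE contains n8n-nodes-base.xml, and lists exported workflows that use the XML node. It assumes NODES_EXCLUDE holds a JSON array of node type names and that a workflow export is an object with a `name` and a `nodes` array whose entries carry a `type`; the function names and sample data are constructed for illustration.

```javascript
// Added example: exposure check for CVE-2026-42232 (not n8n project code).
const XML_NODE = 'n8n-nodes-base.xml';

// Compare two dotted versions numerically; returns -1, 0 or 1.
function cmp(a, b) {
  const x = a.split('.').map(Number), y = b.split('.').map(Number);
  for (let i = 0; i < 3; i++) {
    if ((x[i] || 0) !== (y[i] || 0)) return (x[i] || 0) < (y[i] || 0) ? -1 : 1;
  }
  return 0;
}

// True when the version falls in a range the advisory lists as affected.
// Versions outside those ranges are only "not listed", nothing more.
function inAffectedRange(v) {
  return cmp(v, '1.123.32') < 0 ||
    (cmp(v, '2.17.0') >= 0 && cmp(v, '2.17.4') < 0) ||
    (cmp(v, '2.18.0') >= 0 && cmp(v, '2.18.1') < 0);
}

// Assumption: NODES_EXCLUDE is a JSON array; an unparsable value counts as not applied.
function xmlNodeExcluded(envValue) {
  try {
    const list = JSON.parse(envValue || '[]');
    return Array.isArray(list) && list.includes(XML_NODE);
  } catch { return false; }
}

// Names of exported workflows that contain at least one XML node.
function workflowsUsingXml(workflows) {
  return workflows
    .filter(w => (w.nodes || []).some(n => n.type === XML_NODE))
    .map(w => w.name);
}

function assess(version, nodesExclude, workflows) {
  const affected = inAffectedRange(version);
  const mitigated = xmlNodeExcluded(nodesExclude);
  return { affected, mitigated, exposed: affected && !mitigated,
           xmlWorkflows: workflowsUsingXml(workflows) };
}

// Constructed sample input: one workflow with an XML node, one without.
const sampleWorkflows = [
  { name: 'invoice-import', nodes: [{ type: 'n8n-nodes-base.webhook' }, { type: XML_NODE }] },
  { name: 'slack-digest', nodes: [{ type: 'n8n-nodes-base.slack' }] },
];
console.log(assess('2.17.2', '["n8n-nodes-base.executeCommand"]', sampleWorkflows));
```

A NODES_EXCLUDE value that is set but not valid JSON is reported as unmitigated, which catches the common mistake of writing the node name without array brackets.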

Detection coverage (3 rules)

Detect n8n Workflow Creation with XML Node

medium

Detects the creation of n8n workflows that include the XML node, which can be an indicator of potential exploitation attempts.

sigma; tactics: execution; techniques: T1204.002; sources: webserver, linux

Detect n8n NODES_EXCLUDE Environment Variable Modification

low

Detects modifications to the NODES_EXCLUDE environment variable which can be used to disable the XML node as a workaround.

sigma; tactics: defense_evasion; techniques: T1562.001; sources: process_creation, linux

Detect n8n Processes with Modified Environment

info

Detects n8n processes running with a modified environment which might indicate an attempt to bypass restrictions or exploit vulnerabilities.

sigma; tactics: defense_evasion; techniques: T1027; sources: process_creation, linux
