Threat Feed
critical advisory

Critical Prototype Pollution Vulnerabilities in n8n Lead to Remote Code Execution

Critical Prototype Pollution vulnerabilities (CVE-2026-42231 and CVE-2026-42232) in n8n versions prior to 1.123.32, 2.17.4, and 2.18.1 can be exploited by authenticated users with workflow editing rights to achieve Remote Code Execution (RCE) on the n8n host.

Multiple critical vulnerabilities have been disclosed in n8n, a widely used workflow automation tool. Tracked as CVE-2026-42231 and CVE-2026-42232, they are Prototype Pollution flaws that can be escalated to Remote Code Execution (RCE) on the n8n host. Affected versions are those prior to 1.123.32, 2.17.4, and 2.18.1. An authenticated user with workflow editing rights can inject attacker-controlled properties into the global Object.prototype; those properties are then inherited by every object in the process and alter the behaviour of later operations, ultimately causing commands to be executed on the underlying host. The pollution is reachable through the webhook infrastructure or through the XML Node component.

Attack Chain

  1. The attacker holds, or obtains, an authenticated n8n account with workflow editing rights.
  2. The attacker crafts a malicious XML payload for the XML Node, or a workflow and request that route attacker-controlled data through the webhook infrastructure.
  3. The payload carries keys such as `__proto__` that the vulnerable parsing or merging code treats as ordinary data, so its properties are written into the global Object.prototype (CVE-2026-42231 or CVE-2026-42232).
  4. The polluted values reach the Git node's SSH functions (in the case of CVE-2026-42231) or other susceptible workflow nodes that read configuration from objects they did not fully initialise.
  5. Those nodes build and execute commands from the now-polluted values, giving the attacker arbitrary code execution on the n8n server.
  6. The attacker controls the n8n server and the credentials and data it holds.
  7. The attacker uses the compromised server for follow-on activity such as data exfiltration or lateral movement.
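The following is an added example, not n8n's code and not the vulnerable code path itself: it shows the mechanism the attack chain relies on in generic form. `JSON.parse` stands in for whatever parser produces the object (XML node output or a webhook body), the `unsafeMerge` and `safeMerge` functions and the `spawnOptionsFor` gadget are hypothetical, and the point is to see a `__proto__` key walk into `Object.prototype`, a later consumer pick up the polluted default, and a hardened merge refuse the dangerous keys.

```javascript
// Added illustration, not n8n's code: how a parsed payload that carries a
// "__proto__" key pollutes Object.prototype through a naive deep merge, how a
// later consumer then picks up attacker-controlled defaults, and how a hardened
// merge refuses the dangerous keys. Function names and the gadget are hypothetical.

// Constructed attacker input, standing in for the object an XML node or webhook
// body parser produces: "__proto__" arrives as an ordinary own property.
const PAYLOAD = JSON.parse(
  '{"name":"demo","__proto__":{"shell":"/bin/sh","polluted":true}}'
);

// Vulnerable: trusts every key. For key "__proto__", target[key] is
// Object.prototype itself, so the recursion writes into the global prototype.
function unsafeMerge(target, source) {
  for (const key of Object.keys(source)) {
    const value = source[key];
    if (value !== null && typeof value === 'object') {
      if (target[key] === null || typeof target[key] !== 'object') target[key] = {};
      unsafeMerge(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Hardened: skip prototype-walking keys, never reuse an inherited slot, and
// keep nested containers prototype-less so pollution has nowhere to land.
const FORBIDDEN_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

function safeMerge(target, source) {
  for (const key of Object.keys(source)) {
    if (FORBIDDEN_KEYS.has(key)) continue;
    const value = source[key];
    if (value !== null && typeof value === 'object' && !Array.isArray(value)) {
      const own = Object.prototype.hasOwnProperty.call(target, key);
      if (!own || target[key] === null || typeof target[key] !== 'object') {
        target[key] = Object.create(null);
      }
      safeMerge(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Hypothetical downstream consumer (not the real n8n Git node code path): an
// options builder that copies "shell" from a caller-supplied object into the
// options later handed to child_process.spawn. After pollution, "shell" is
// present even though the caller never set it, so the command would run via a shell.
function spawnOptionsFor(userOptions) {
  const opts = { stdio: 'pipe' };
  if (userOptions.shell !== undefined) opts.shell = userOptions.shell;
  return opts;
}

// Runs both merges against the same payload and reports what each one did.
function demo() {
  const results = {};

  unsafeMerge({}, PAYLOAD);
  results.unsafePolluted = ({}).polluted === true;        // true: every object now has it
  results.unsafeSpawnShell = spawnOptionsFor({}).shell;   // "/bin/sh", supplied by the prototype
  delete Object.prototype.polluted;                       // undo for the rest of the run
  delete Object.prototype.shell;

  const merged = safeMerge({}, PAYLOAD);
  results.safeKeptName = merged.name;                     // "demo": legitimate data survives
  results.safePolluted = ({}).polluted === true;          // false
  results.safeSpawnShell = spawnOptionsFor({}).shell;     // undefined
  return results;
}

console.log(demo());
```

The hardened merge is the pattern to look for when auditing any "deep merge", "set defaults" or "assign nested key" helper that touches data from a webhook, an XML node or any other user-controlled source: reject `__proto__`, `constructor` and `prototype` as keys, and only recurse into properties the target actually owns.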

Impact

Successful exploitation of either vulnerability gives the attacker Remote Code Execution (RCE) on the n8n host. That means full compromise of the n8n instance: access to the credentials and sensitive data it stores, modification of workflows, and a foothold from which every system the instance connects to can be attacked. Both CVEs carry a CVSS score of 9.4, reflecting the high impact on Confidentiality, Integrity, and Availability.

Recommendation

  • Immediately update n8n to a fixed release, as recommended by the vendor: 1.123.32 or later on the 1.x line, or 2.17.4 / 2.18.1 or later on the 2.x line, to remediate CVE-2026-42231 and CVE-2026-42232.
  • Implement monitoring and detection for prototype pollution attempts, as advised in the advisory: watch webhook requests and XML node inputs for keys such as `__proto__` and `constructor.prototype`, and watch for unexpected process creation by the n8n process.
  • Review and restrict workflow editing rights so that only trusted users can create or modify workflows; the vulnerabilities require that privilege, so reducing who holds it directly reduces the attack surface.

Detection coverage (2 rules)

Detect n8n Prototype Pollution via XML Node

Severity: high

Detects potential exploitation of the n8n prototype pollution vulnerabilities through malicious XML payloads in the XML Node component, by monitoring process-creation events from the n8n host for suspicious string manipulation in the launched command.

Format: Sigma. Tactic: Execution. Technique: T1202. Log sources: process_creation, linux.

Detect n8n Prototype Pollution via Webhook

Severity: high

Detects potential exploitation of the n8n prototype pollution vulnerabilities through malicious webhook requests, by monitoring webserver logs for prototype property names (such as `__proto__` or `constructor.prototype`) in the request.

Format: Sigma. Tactic: Execution. Technique: T1202. Log sources: webserver, linux.
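As an added example of the webhook rule's logic, not the platform's Sigma rule and not n8n code, the following scans constructed webserver access-log lines for prototype-walking property names in the request target. It assumes the combined log format and n8n's default `/webhook/` and `/webhook-test/` path prefixes; the indicator patterns, the `inspectLine` and `scan` function names and the sample lines are all constructed for this illustration.

```javascript
// Added detection sketch, not the platform's rule: flag access-log lines whose
// request target carries prototype-walking property names, including URL-encoded
// and bracket-notation forms, and note whether they hit an n8n webhook path.
// Patterns, function names and sample log lines are constructed for this example.

const SUSPICIOUS = [
  /__proto__/i,                                                // __proto__ anywhere
  /constructor(?:\[|%5B|\.|%2E)\s*(?:["']|%22|%27)?prototype/i, // constructor[prototype] / constructor.prototype
  /\bprototype(?:\[|%5B|\.)/i,                                  // prototype[...] / prototype.x
];

// Assumed default n8n webhook prefixes; adjust if the deployment changes them.
const WEBHOOK_PATH = /^\/webhook(?:-test)?\//;

// Decode up to twice to catch double-encoding; stop on malformed sequences.
function decodeLoose(s) {
  let out = s;
  for (let i = 0; i < 2; i++) {
    try { out = decodeURIComponent(out); } catch { break; }
  }
  return out;
}

// Combined log format: ip - user [timestamp] "METHOD target PROTO" status bytes
const LINE_RE = /^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) /;

function inspectLine(line) {
  const m = LINE_RE.exec(line);
  if (!m) return null;                                  // not a parseable access-log line
  const [, ip, ts, method, target, status] = m;
  const decoded = decodeLoose(target);
  const hit = SUSPICIOUS.find((re) => re.test(decoded) || re.test(target));
  return {
    ip, ts, method, target, status,
    webhook: WEBHOOK_PATH.test(target),
    suspicious: Boolean(hit),
    indicator: hit ? hit.source : null,
  };
}

// Returns only the lines that are both suspicious and aimed at a webhook path.
function scan(lines) {
  return lines.map(inspectLine).filter((r) => r && r.webhook && r.suspicious);
}

// Constructed sample log (not real traffic): two pollution attempts against
// webhooks, one benign webhook call, one pollution attempt outside the webhook path.
const SAMPLE_LOG = [
  '203.0.113.10 - - [01/May/2026:10:00:01 +0000] "POST /webhook/order-sync?__proto__[polluted]=1 HTTP/1.1" 200 17',
  '203.0.113.11 - - [01/May/2026:10:00:02 +0000] "GET /webhook-test/demo?constructor%5Bprototype%5D%5Bshell%5D=%2Fbin%2Fsh HTTP/1.1" 200 0',
  '198.51.100.5 - - [01/May/2026:10:00:03 +0000] "POST /webhook/order-sync?id=42 HTTP/1.1" 200 17',
  '198.51.100.6 - - [01/May/2026:10:00:04 +0000] "GET /rest/workflows?__proto__=x HTTP/1.1" 401 0',
];

for (const hit of scan(SAMPLE_LOG)) {
  console.log(`${hit.ts} ${hit.ip} ${hit.method} ${hit.target} matched ${hit.indicator}`);
}
```

One caveat a practitioner should keep in mind: access logs record the request line and query string, not POST bodies, so a pollution payload carried only in a JSON or XML body never appears to this rule. Pair it with the process-creation rule on the host, or log request bodies at the reverse proxy in front of n8n if the volume allows.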
