Product
Critical Prototype Pollution vulnerabilities (CVE-2026-42231 and CVE-2026-42232) in n8n versions prior to 1.123.32, 2.17.4, and 2.18.1 can be exploited by authenticated users with workflow editing rights to achieve Remote Code Execution (RCE) on the n8n host.