Product

N8n (< 1.123.43)

3 briefs RSS

n8n Cross-User Authorization Bypass in Dynamic Credential OAuth Endpoints (CVE-2026-45732)

CVE-2026-45732 describes a high-severity authorization bypass vulnerability in n8n's OAuth1 and OAuth2 credential reconnect endpoints, where insufficient permission checks allow a user with read-only access to overwrite OAuth tokens, potentially leading to data exfiltration and persistent takeover of shared integrations.

n8n +2 authorization-bypass oauth credential-theft

2r 2t 40m ago

critical advisory

n8n Arbitrary File Read via Git Node (CVE-2026-44790)

2 rules 1 TTP

An authenticated user with workflow creation or modification permissions can inject CLI flags into the Git node's Push operation, leading to arbitrary file read on the n8n server; patched in versions 1.123.43, 2.20.7, and 2.22.1, and tracked as CVE-2026-44790.

n8n +2 arbitrary file read git node CVE-2026-44790

2r 1t 43m ago

critical advisory

n8n XML Node Prototype Pollution Patch Bypass Leads to RCE

2 rules 1 TTP

An authenticated n8n user with workflow creation privileges can bypass a previous patch for XML node prototype pollution, potentially leading to remote code execution on the n8n host when combined with other nodes; patched in versions 1.123.43, 2.20.7, and 2.22.1.

n8n +2 prototype pollution RCE CVE-2026-44791

2r 1t 43m ago