n8n

128 known vulnerabilities · 0 critical · 2 high

GHSA-2vx9-7wpg-88jq

n8n: Legacy ExecuteWorkflow Node Bypassed File Path Restrictions

Published May 19, 2026
GHSA-3875-8gcx-7v46

n8n: Credential exfiltration via Allowed HTTP Request Domains Bypass

Published May 19, 2026
CVE-2023-27563 HIGH

n8n Privilege Escalation vulnerability

Published May 10, 2023
CVE-2025-61917

n8n's Unsafe Buffer Allocation Allows In-Process Memory Disclosure in Task Runner

Published Feb 4, 2026
CVE-2023-27564 HIGH

n8n Information Disclosure vulnerability

Published May 10, 2023
GHSA-mqpr-49jj-32rc

n8n: Webhook Forgery on Github Webhook Trigger

Published Feb 26, 2026
CVE-2026-33713

n8n has SQL Injection in Data Table Node via orderByColumn Expression

Published Mar 26, 2026
CVE-2026-33724

n8n's Source Control SSH Configuration Uses StrictHostKeyChecking=no

Published Mar 25, 2026
CVE-2026-27498

n8n has Arbitrary Command Execution via File Write and Git Operations

Published Feb 25, 2026
CVE-2026-33722

n8n Has External Secrets Authorization Bypass in Credential Saving

Published Mar 25, 2026
CVE-2026-33663

n8n is Vulnerable to Credential Theft via Name-Based Resolution and Permission Checker Bypass in Community Edition

Published Mar 25, 2026
CVE-2026-33660

n8n has Multiple Remote Code Execution Vulnerabilities in Merge Node AlaSQL SQL Mode

Published Mar 25, 2026
CVE-2026-21894

n8n's Missing Stripe-Signature Verification Allows Unauthenticated Forged Webhooks

Published Jan 7, 2026
CVE-2026-27494

n8n has Arbitrary File Read via Python Code Node Sandbox Escape

Published Feb 25, 2026
CVE-2026-33749

n8n Vulnerable to XSS via Binary Data Inline HTML Rendering

Published Mar 26, 2026
CVE-2026-1470

n8n Unsafe Workflow Expression Evaluation Allows Remote Code Execution

Published Jan 27, 2026
CVE-2026-27493

n8n has Unauthenticated Expression Evaluation via Form Node

Published Feb 25, 2026
CVE-2025-65964

n8n vulnerable to Remote Code Execution via Git Node Custom Pre-Commit Hook

Published Dec 8, 2025
GHSA-w673-8fjw-457c

n8n: Authenticated XSS and Open Redirect via Form Node

Published Mar 27, 2026
CVE-2026-27496

n8n has In-Process Memory Disclosure in its Task Runner

Published Mar 25, 2026
CVE-2026-25631

n8n's domain allowlist bypass enables credential exfiltration

Published Feb 4, 2026
GHSA-364x-8g5j-x2pr

n8n has XSS in its Credential Management Flow

Published Mar 27, 2026
GHSA-3c7f-5hgj-h279

n8n has XSS in Chat Trigger Node through Custom CSS

Published Mar 27, 2026
GHSA-f3f2-mcxc-pwjx

n8n: SQL Injection in MySQL, PostgreSQL, and Microsoft SQL nodes

Published Feb 26, 2026
CVE-2025-68668

n8n Vulnerable to Arbitrary Command Execution in Pyodide based Python Code Node

Published Dec 26, 2025
CVE-2026-21858

n8n Vulnerable to Unauthenticated File Access via Improper Webhook Request Handling

Published Jan 7, 2026
CVE-2025-68949

n8n: Webhook Node IP Whitelist Bypass via Partial String Matching

Published Jan 13, 2026
CVE-2026-25055

n8n Vulnerable to Arbitrary File Write on Remote Systems via SSH Node

Published Feb 4, 2026
CVE-2026-25052

n8n's Improper File Access Controls Allow Arbitrary File Read by Authenticated Users

Published Feb 4, 2026
GHSA-jh8h-6c9q-7gmw

n8n has an Authentication Bypass in its Chat Trigger Node

Published Feb 26, 2026
CVE-2025-68697

Self-hosted n8n has Legacy Code node that enables arbitrary file read/write

Published Dec 26, 2025
CVE-2026-21877

n8n Vulnerable to RCE via Arbitrary File Write

Published Jan 6, 2026
CVE-2026-25054

n8n Has Stored Cross-site Scripting via Markdown Rendering in Workflow UI

Published Feb 4, 2026
CVE-2026-33720

n8n Has Authorization Bypass in OAuth Callback via N8N_SKIP_AUTH_ON_OAUTH_CALLBACK

Published Mar 25, 2026
GHSA-57g9-58c2-xjg3

n8n Has an Arbitrary File Read via Git Node

Published May 14, 2026
GHSA-c8xv-5998-g76h

n8n: HTTP Request Node Pagination Prototype Pollution to RCE

Published May 14, 2026
CVE-2026-25056

n8n Merge Node has Arbitrary File Write leading to RCE

Published Feb 4, 2026
GHSA-mhrx-qhrj-673w

n8n Has a Source Control Pull SQL Injection

Published May 14, 2026
CVE-2026-33751

n8n Vulnerable to LDAP Filter Injection in LDAP Node

Published Mar 26, 2026
CVE-2026-25115

n8n has a Python sandbox escape

Published Feb 4, 2026
GHSA-44v6-jhgm-p3m4

n8n has a Python Task Runner Sandbox Escape Vulnerability

Published Apr 29, 2026
CVE-2026-33696

n8n: Prototype Pollution in XML and GSuiteAdmin node parameters lead to RCE

Published Mar 26, 2026
GHSA-537j-gqpc-p7fq

n8n Vulnerable to XSS via MCP OAuth client

Published Apr 29, 2026
CVE-2025-61914

n8n's Possible Stored XSS in "Respond to Webhook" Node May Execute Outside iframe Sandbox

Published Dec 26, 2025
GHSA-38c7-23hj-2wgq

n8n has Webhook Forgery on Zendesk Trigger Node

Published Feb 26, 2026
GHSA-49m9-pgww-9vq6

n8n Vulnerable to Unauthenticated Denial of Service via MCP Client Registration

Published Apr 29, 2026
GHSA-756q-gq9h-fp22

n8n has Public API Variables IDOR that Allows Cross-Project Secret Disclosure

Published Apr 29, 2026
CVE-2026-33665

n8n: LDAP Email-Based Account Linking Allows Privilege Escalation and Account Takeover

Published Mar 25, 2026
GHSA-wrwr-h859-xh2r

n8n Has an XML Node Prototype Pollution Patch Bypass

Published May 14, 2026
GHSA-vjf3-2gpj-233v

n8n has an SSO Enforcement Bypass in its Self-Service Settings API

Published Feb 26, 2026
GHSA-f77h-j2v7-g6mw

n8n Vulnerable to Hijacking of Unauthenticated Chat Execution

Published Apr 29, 2026
CVE-2026-27495

n8n has a Sandbox Escape in its JavaScript Task Runner

Published Feb 25, 2026
GHSA-mp4j-h6gh-f6mp

n8n has SQL Injection in SeaTable Node

Published Apr 29, 2026
GHSA-hqr4-h3xv-9m3r

n8n has XML Node Prototype Pollution that Leads to RCE

Published Apr 29, 2026
GHSA-r4v6-9fqc-w5jr

n8n's Credential Authorization Bypass in dynamic-node-parameters Allows Foreign API Key Replay

Published Apr 29, 2026
GHSA-q4fm-pjq6-m63g

n8n has a Stored XSS Vulnerability in its Form Trigger

Published Mar 27, 2026
GHSA-fvfv-ppw4-7h2w

n8n has a Guardrail Node Bypass

Published Feb 26, 2026
GHSA-r6jc-mpqw-m755

n8n has SQL Injection in Oracle Database Node via Limit Field

Published Apr 29, 2026
CVE-2026-27497

n8n has Potential Remote Code Execution via Merge Node

Published Feb 25, 2026
CVE-2023-27562 MEDIUM

n8n Directory Traversal vulnerability

Published May 10, 2023
CVE-2026-27578

n8n Vulnerable to Stored XSS via Various Nodes

Published Feb 25, 2026
CVE-2026-25053

n8n has OS Command Injection in Git Node

Published Feb 4, 2026
GHSA-hp3c-vfpm-q4f7

n8n has SQL Injection in Snowflake and MySQL Nodes

Published Apr 29, 2026
GHSA-q5f4-99jv-pgg5

n8n has Prototype Pollution in XML Webhook Body Parser that Leads to RCE

Published Apr 29, 2026
CVE-2026-27577

n8n: Expression Sandbox Escape Leads to RCE

Published Feb 25, 2026
GHSA-2j5h-858j-5mpf

n8n: Cross-Tenant Credential Takeover via Dynamic Credentials EE Endpoints

Published Jun 16, 2026
GHSA-42h7-m79w-wvg5

n8n: Stored XSS in Chat Trigger Node

Published Jun 16, 2026
GHSA-f6x8-65q6-j9m9

n8n has Open Redirect in MCP OAuth Consent Flow

Published Apr 29, 2026
GHSA-5xp3-2w67-427v

n8n: Git Node Clone and Push Operations Bypass File Sandbox

Published Jun 16, 2026
GHSA-9c38-2mcm-q7f7

n8n: Merge Node SQL Mode Prototype Pollution

Published Jun 16, 2026
GHSA-9pq8-m8gp-4p53

n8n: Python sandbox escape

Published Jun 16, 2026
GHSA-c37g-w77q-m4vp

n8n: SQL Injection in Postgres v1/TimescaleDB Nodes

Published Jun 16, 2026
GHSA-h3jj-5f3v-3685

n8n: Public API Execution Retry Authorization Bypass

Published Jun 16, 2026
GHSA-h86q-fx34-gfjr

n8n: Reflected XSS via Facebook, WhatsApp, and Microsoft Teams Trigger Webhook Verification Endpoints

Published Jun 16, 2026
GHSA-hv7x-3x78-gx53

n8n: Wrong OAuth Scope On Evaluations Test Run Creation Endpoint

Published Jun 16, 2026
GHSA-jqpw-qww5-cj4c

n8n: Denial of Service via ZIP decompression in webhook workflow

Published Jun 16, 2026
GHSA-jvc7-762p-3743

n8n: Missing Token Validation on Microsoft Agent 365 Trigger and Stripe Nodes

Published Jun 16, 2026
GHSA-jwm3-qcfw-c5pp

n8n: Python Code Node AST Validator Bypass

Published Jun 16, 2026
GHSA-pmqw-72cg-wx85

n8n: Credential Exfiltration via Permission Bypass

Published Jun 16, 2026
GHSA-qrx8-25qr-5r7v

n8n: MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control Sessions

Published Jun 16, 2026
GHSA-rm2v-h48j-895m

n8n: SecurityScorecard Node Leaks API Token to User-Controlled Host

Published Jun 16, 2026
GHSA-v733-mwr6-fgcm

n8n: Same-Origin XSS in Respond to Webhook Node

Published Jun 16, 2026
CVE-2025-68613

n8n Vulnerable to Remote Code Execution via Expression Injection

Published Dec 22, 2025
GHSA-x6p3-m6h9-fx7r

n8n: Microsoft SQL Node Prototype Pollution

Published Jun 16, 2026
GHSA-6h4j-wcr9-2vg7

n8n Has a Cross-user Authorization Bypass in Dynamic Credential OAuth Endpoints

Published May 14, 2026
GHSA-2vff-hj5x-8gq7

n8n: Prototype Pollution enables confused-deputy execution via public webhooks

Published Jun 16, 2026
GHSA-664h-gpgq-h6xx

n8n: Wrong OAuth Scope on Evaluation Test Runs Endpoints

Published Jun 17, 2026
GHSA-jpq7-226w-6cxx

n8n: NoSQL Injection in MongoDB Node Find And Replace Operation

Published Jun 16, 2026
GHSA-75hx-xj24-mqrw

n8n-mcp has unauthenticated session termination and information disclosure in HTTP transport

Published Apr 10, 2026
GHSA-4ggg-h7ph-26qr

n8n-mcp has authenticated SSRF via instance-URL header in multi-tenant HTTP mode

Published Apr 8, 2026
GHSA-8g7g-hmwm-6rv2

n8n-mcp affected by path traversal, redirect-following SSRF, and telemetry payload exposure

Published May 8, 2026
GHSA-cmrh-wvq6-wm9r

n8n-mcp webhook and API client paths has an authenticated SSRF

Published May 8, 2026
CVE-2025-56265

N8N's Chat Trigger component is vulnerable to XSS

Published Sep 8, 2025
MAL-2026-177

Malicious code in n8n-nodes-ggdv-hdfvcnnje-uyrokvbkl (npm)

Published Jan 9, 2026
MAL-2026-179

Malicious code in n8n-nodes-vbmkajdsa-uehfitvv-ueqjhhhksdlkkmz (npm)

Published Jan 9, 2026
GHSA-pfm2-2mhg-8wpx

n8n-MCP Logs Sensitive Request Data on Unauthorized /mcp Requests

Published Apr 23, 2026
MAL-2026-394

Malicious code in n8n-nodes-zl-vietts (npm)

Published Jan 21, 2026
MAL-2026-1454

Malicious code in n8n-nodes-text-helpers (npm)

Published Mar 15, 2026
MAL-2026-5195

Malicious code in @contaazul/n8n-nodes-contaazul (npm)

Published Jun 5, 2026
MAL-2026-378

Malicious code in @diendh/n8n-nodes-tiktok-v2 (npm)

Published Jan 21, 2026
MAL-2026-557

Malicious code in n8n-nodes-zalo-fevox (npm)

Published Jan 28, 2026
MAL-2026-558

Malicious code in n8n-zalo-fevox (npm)

Published Jan 28, 2026
MAL-2025-48438

Malicious code in n8n-nodes-phoai-ultimate-tools (npm)

Published Oct 17, 2025
MAL-2026-69

Malicious code in n8n-performance-metrics (npm)

Published Jan 6, 2026
GHSA-wg4g-395p-mqv3

n8n-MCP: Sensitive MCP tool-call arguments logged on authenticated requests in HTTP mode

Published Apr 25, 2026
MAL-2025-190977

Malicious code in n8n-nodes-vercel-ai-sdk (npm)

Published Nov 24, 2025
MAL-2026-4617

Malicious code in n8n-nodes-pentest-rce (npm)

Published May 21, 2026
MAL-2026-1467

Malicious code in n8n-nodes-csv-parse (npm)

Published Mar 16, 2026
MAL-2026-1468

Malicious code in n8n-nodes-data-transform (npm)

Published Mar 16, 2026
MAL-2026-1469

Malicious code in n8n-nodes-format-utils (npm)

Published Mar 16, 2026
MAL-2026-1472

Malicious code in n8n-nodes-xml-utils (npm)

Published Mar 16, 2026
MAL-2025-190852

Malicious code in n8n-nodes-tmdb (npm)

Published Nov 24, 2025
MAL-2026-4618

Malicious code in n8n-nodes-whatsapp-business-api-by-automations-builder (npm)

Published May 21, 2026
MAL-2026-597

Malicious code in n8n-nodes-comfyui-illu (npm)

Published Jan 29, 2026
MAL-2025-4277

Malicious code in n8n-nodes-zalo-user (npm)

Published May 22, 2025
MAL-2026-178

Malicious code in n8n-nodes-hfgjf-irtuinvcm-lasdqewriit (npm)

Published Jan 9, 2026
MAL-2026-538

Malicious code in n8n-nodes-gasdhgfuy-rejerw-ytjsadx (npm)

Published Jan 27, 2026
MAL-2026-539

Malicious code in n8n-nodes-gg-udhasudsh-hgjkhg-official (npm)

Published Jan 27, 2026
GHSA-f3rg-xqjj-cj9w

n8n-MCP: Workflow telemetry sanitizer could retain partial values from URL-shaped node parameters

Published May 18, 2026
GHSA-jxx9-px88-pj69

n8n-MCP: Multi-tenant MCP requests fall back to process-level n8n credentials when tenant headers are absent or incomplete

Published May 18, 2026
MAL-2026-540

Malicious code in n8n-nodes-xkwqpzrt-jmflhvbn-dsyocgxwmkelpt (npm)

Published Jan 27, 2026
MAL-2026-68

Malicious code in n8n-nodes-performance-metrics (npm)

Published Jan 6, 2026
MAL-2026-1470

Malicious code in n8n-nodes-json-helper (npm)

Published Mar 16, 2026
MAL-2026-1471

Malicious code in n8n-nodes-text-utils (npm)

Published Mar 16, 2026
GHSA-56c3-vfp2-5qqj

n8n-mcp's IPv4-mapped IPv6 addresses bypass SSRF protection in validateUrlSync(), enabling full SSRF for SDK embedders

Published Apr 30, 2026
MAL-2026-6071

Malicious code in n8n-nodes-security-test-poc (npm)

Published Jun 17, 2026
MAL-2025-191225

Malicious code in @hapheus/n8n-nodes-pgp (npm)

Published Nov 24, 2025
MAL-2025-191399

Malicious code in n8n-nodes-viral-app (npm)

Published Nov 25, 2025