n8n-mcp

9 known vulnerabilities · 0 critical · 0 high

GHSA-75hx-xj24-mqrw

n8n-mcp has unauthenticated session termination and information disclosure in HTTP transport

Published Apr 10, 2026

GHSA-4ggg-h7ph-26qr

n8n-mcp has authenticated SSRF via instance-URL header in multi-tenant HTTP mode

Published Apr 8, 2026

GHSA-8g7g-hmwm-6rv2

n8n-mcp affected by path traversal, redirect-following SSRF, and telemetry payload exposure

Published May 8, 2026

GHSA-cmrh-wvq6-wm9r

n8n-mcp webhook and API client paths has an authenticated SSRF

Published May 8, 2026

GHSA-pfm2-2mhg-8wpx

n8n-MCP Logs Sensitive Request Data on Unauthorized /mcp Requests

Published Apr 23, 2026

GHSA-wg4g-395p-mqv3

n8n-MCP: Sensitive MCP tool-call arguments logged on authenticated requests in HTTP mode

Published Apr 25, 2026

GHSA-f3rg-xqjj-cj9w

n8n-MCP: Workflow telemetry sanitizer could retain partial values from URL-shaped node parameters

Published May 18, 2026

GHSA-jxx9-px88-pj69

n8n-MCP: Multi-tenant MCP requests fall back to process-level n8n credentials when tenant headers are absent or incomplete

Published May 18, 2026

GHSA-56c3-vfp2-5qqj

n8n-mcp's IPv4-mapped IPv6 addresses bypass SSRF protection in validateUrlSync(), enabling full SSRF for SDK embedders

Published Apr 30, 2026

Check your entire dependency tree at onceRun dependency scan →