Lucene search
K

n8n: Stored XSS in Chat Trigger Node

🗓️ 16 Jun 2026 22:39:32Reported by GitHub Advisory DatabaseType 
github
 github
🔗 github.com👁 9 Views

Stored cross site scripting in the chat trigger node allows injection by authenticated users; upgrade to fixed versions.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2026-54302
23 Jun 202615:46
attackerkb
CVE
CVE-2026-54302
23 Jun 202615:46
cve
Cvelist
CVE-2026-54302 n8n: Stored XSS in Chat Trigger Node
23 Jun 202615:46
cvelist
EUVD
EUVD-2026-38477
23 Jun 202615:46
euvd
NCSC
Vulnerabilities handled in the n8n workflow automation platform
29 Jun 202608:02
ncsc
NVD
CVE-2026-54302
23 Jun 202617:17
nvd
OSV
GHSA-42H7-M79W-WVG5 n8n: Stored XSS in Chat Trigger Node
16 Jun 202622:39
osv
OSV
MINI-G5XX-XGGH-G95C
17 Jun 202616:23
osv
OSV
ROOT-APP-NPM-CVE-2026-54302 CVE-2026-54302 in @rootio/n8n - Patched by Root
30 Jun 202609:33
osv
Patchstack
NPM: n8n: Stored XSS in Chat Trigger Node
16 Jun 202622:39
patchstack
Rows per page
Vulners
Node
n8nn8nRange2.0.0-rc.02.25.7npm
OR
n8nn8nRange2.26.02.26.2npm
OR
n8nn8nRange<1.123.55npm

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation