CVE-2026-45707

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.2, when ENABLEMULTITENANT=true, the HTTP transport documents that the target n8n instance is selected per-request from x-n8n-url / x-n8n-key headers. Requests that...

CVE-2026-45707 n8n-MCP: Multi-tenant MCP requests fall back to process-level n8n credentials when tenant headers are absent or incomplete

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.2, when ENABLEMULTITENANT=true, the HTTP transport documents that the target n8n instance is selected per-request from x-n8n-url / x-n8n-key headers. Requests that...

CVE-2026-45707 n8n-MCP: Multi-tenant MCP requests fall back to process-level n8n credentials when tenant headers are absent or incomplete

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.2, when ENABLEMULTITENANT=true, the HTTP transport documents that the target n8n instance is selected per-request from x-n8n-url / x-n8n-key headers. Requests that...

CVE-2026-45707

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.2, when ENABLEMULTITENANT=true, the HTTP transport documents that the target n8n instance is selected per-request from x-n8n-url / x-n8n-key headers. Requests that...

CVE-2026-45707

n8n-MCP vulnerability CVE-2026-45707 affects HTTP-mode multi-tenant deployments. Before v2.51.2, when ENABLE_MULTI_TENANT=true, per-request target n8n instance is chosen via x-n8n-url/x-n8n-key headers; omitting or partially omitting these headers caused requests to fall back to the operator’s pr...

n8n-MCP 访问控制错误漏洞

n8n-MCP is a model context protocol server developed by Romuald Członkowski, an individual developer. Versions of n8n-MCP prior to 2.51.2 contained an access control vulnerability. This vulnerability arises when multi-tenant mode is enabled, and headers are omitted or only partially provided duri...

GHSA-JXX9-PX88-PJ69 n8n-MCP: Multi-tenant MCP requests fall back to process-level n8n credentials when tenant headers are absent or incomplete

Summary When ENABLEMULTITENANT=true, the HTTP transport documents that the target n8n instance is selected per-request from x-n8n-url / x-n8n-key headers. Requests that omitted those headers — or supplied only one of them — silently fell back to the process-level N8NAPIURL / N8NAPIKEY credentials...

PT-2026-41794

Name of the Vulnerable Software and Affected Versions n8n-mcp versions prior to 2.51.2 Description In HTTP-mode deployments run as a shared multi-tenant service where ENABLE MULTI TENANT is set to true, the system selects the target n8n instance per-request using the x-n8n-url and x-n8n-key...

CVE-2026-44694

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. From version 2.18.7 to before version 2.50.2, there is an authenticated server-side request forgery vulnerability affecting the webhook trigger tools, the n8n API client N8NAPIURL, a...

CVE-2026-44694

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. From version 2.18.7 to before version 2.50.2, there is an authenticated server-side request forgery vulnerability affecting the webhook trigger tools, the n8n API client N8NAPIURL, a...

PT-2026-39189

Name of the Vulnerable Software and Affected Versions n8n-MCP versions 2.18.7 through 2.50.1 Description An authenticated server-side request forgery SSRF issue exists affecting the webhook trigger tools, the n8n API client N8N API URL, and per-request URLs provided via the x-n8n-url header in...

CVE-2026-39974 n8n-MCP has an Authenticated SSRF via instance-URL header in multi-tenant HTTP mode

n8n-MCP is a Model Context Protocol MCP server that provides AI assistants with comprehensive access to n8n node documentation, properties, and operations. Prior to 2.47.4, an authenticated Server-Side Request Forgery in n8n-mcp allows a caller holding a valid AUTHTOKEN to cause the server to iss...

Server-side Request Forgery (SSRF)

Overview n8n-mcp is an Integration between n8n workflow automation and Model Context Protocol MCP Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the instance-URL header in multi-tenant HTTP mode. An authenticated attacker can cause the server to issue HTT...

EUVD-2021-6982

Malicious code in bioql PyPI...

CVE-2023-20254

A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi-tenant feature could allow an authenticated, remote attacker to access another tenant that is being managed by the same Cisco Catalyst SD-WAN Manager instance. This vulnerability requires the multi-tenant...

CVE-2021-1515

A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to gain access to sensitive information. This vulnerability is due to improper access controls on API endpoints when Cisco SD-WAN vManage Software is running in multi-tenant mode. An attacker with...

Improper access control

A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to gain access to sensitive information. This vulnerability is due to improper access controls on API endpoints when Cisco SD-WAN vManage Software is running in multi-tenant mode. An attacker with...