13 matches found
CVE-2026-56778
n8n before 2.25.7 and 2.26.x before 2.26.2 contains an authorization bypass in the Public API execution retry endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a shared workflow can use the Public API to ret...
CVE-2026-56778
CVE-2026-56778 (n8n) : Affected versions are n8n before 2.25.7 and 2.26.x before 2.26.2. The Public API execution retry endpoint authorizes with the workflow:read scope instead of workflow:execute, allowing an authenticated user with read-only access to a shared workflow to retry executions, bypa...
CVE-2026-56778 n8n - Authorization Bypass in Public API Execution Retry Endpoint
n8n before 2.25.7 and 2.26.x before 2.26.2 contains an authorization bypass in the Public API execution retry endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a shared workflow can use the Public API to ret...
Incorrect Authorization
Overview n8n is a n8n Workflow Automation Tool Affected versions of this package are vulnerable to Incorrect Authorization in the shared workflows. An attacker can gain unauthorized access to credentials belonging to other users by exploiting insufficient ownership checks via specific public API...
CVE-2026-54307
n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, a member-level user with editor access to a shared workflow could reference credentials they do not own via specific public API endpoints. Credential ownership checks were only enforced partially leading to...
CVE-2026-54307
Summary: CVE-2026-54307 affects n8n prior to versions 1.123.55, 2.25.7, and 2.26.2, where a member-level editor of a shared workflow could reference credentials they do not own due to partial credential ownership checks, enabling cross-user credential access via public API endpoints. The issue is...
GHSA-PMQW-72CG-WX85 n8n: Credential Exfiltration via Permission Bypass
Impact A member-level user with editor access to a shared workflow could reference credentials they do not own via specific public API endpoints. Credential ownership checks were only enforced partially leading to cross-user credential access. This issue affects instances where workflow sharing i...
n8n: Credential Exfiltration via Permission Bypass
Impact A member-level user with editor access to a shared workflow could reference credentials they do not own via specific public API endpoints. Credential ownership checks were only enforced partially leading to cross-user credential access. This issue affects instances where workflow sharing i...
PT-2026-50173
Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.55 n8n versions prior to 2.25.7 n8n versions prior to 2.26.2 Description An open source workflow automation platform contains an issue where a member-level user with editor access to a shared workflow can reference...
CVE-2026-42226
n8n is an open source workflow automation platform. Prior to versions 1.123.33 and 2.17.5, the dynamic-node-parameters endpoints did not verify whether the authenticated caller was authorized to use a supplied credential reference. An authenticated user with access to a shared workflow could supp...
CVE-2026-42226
The CVE concerns n8n, an open source workflow automation platform. Before versions 1.123.33 and 2.17.5, the dynamic-node-parameters endpoints did not verify whether the authenticated caller was authorized to use a supplied credential reference. An authenticated user with access to a shared workfl...
MAL-2025-5956 Malicious code in shared-workflows (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d2e9e3bd8389efce3114016d94776de4d6947e98d829761b9bb1be64e02ff66 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in shared-workflows (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d2e9e3bd8389efce3114016d94776de4d6947e98d829761b9bb1be64e02ff66 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...