External risk intelligence

n8n workflow tool lets attackers run any code on your server

CVE advisorySeverity: CRITICAL (CVSS 9.4)

CVE-2026-42231

An internal attacker with n8n workflow permissions could exploit this flaw to take full control of the host server. This allows them to run unauthorized commands, steal sensitive business data, and gain persistent access to the organization's network.

3Halo Surface Signal

Remote Code Execution

N8n

before 1.123.322.17.0 to before 2.17.42.18.0

External exposure likelihood

Halo Surface Signal score for CVE-2026-42231

The n8n platform is a web-based workflow engine often exposed to the internet to receive external webhooks. However, triggering this issue requires an existing authenticated user with workflow management permissions. While the webhook handler is a network-accessible component, the requirement for internal application-level authorization limits the surface area for external unauthenticated access.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Horizon Alert

Summary of the vulnerability and why it matters

A critical security issue exists in the n8n workflow automation platform that could allow an authenticated user to execute arbitrary code. The vulnerability stems from how the platform handles XML data, enabling a specific type of attack that, when combined with other features, compromises the server. This is serious because it allows unauthorized code execution on the n8n host.

  • Remote code execution
  • Requires authenticated access
  • Affects n8n workflow automation

Attack Path

How an attacker could exploit the issue

An authenticated user with workflow creation rights can trigger remote code execution by sending a specially crafted XML payload to the webhook handler. This payload exploits a prototype pollution vulnerability in the xml2js library, which can then be chained with the Git node's SSH functionality to compromise the n8n host.

  • Requires authenticated user access.
  • Targets webhook handler and Git node.
  • XML payload is the key.

Live Threat

Current exploitation, exposure, and threat context

This vulnerability could be weaponized by an attacker who has already gained authenticated access to the n8n platform with permissions to manage workflows. The attacker could then craft a malicious XML payload to trigger prototype pollution and chain it with Git node operations to achieve remote code execution.

  • Requires authenticated user access.
  • Exploit chained with Git node operations.
  • Vulnerability patched in recent versions.

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

Teams should prioritize patching n8n to the latest versions to address the prototype pollution vulnerability. If immediate patching is not feasible, isolate affected n8n instances or restrict access to workflow management functions to prevent exploitation.

  • Upgrade n8n to 1.123.32, 2.17.4, or 2.18.1.
  • Isolate vulnerable n8n instances if patching is delayed.
  • Monitor for unauthorized workflow modifications.

Frequently asked questions

What is n8n and its primary function in workflow automation?

n8n is an open-source platform for automating workflows. It enables users to connect various applications and services, facilitating the automation of tasks and data processing through visual workflow creation. This can streamline operations from simple app-to-app data transfers to intricate, multi-step business processes.

How does the CVE-2026-42231 vulnerability, a prototype pollution flaw, manifest?

This vulnerability, identified as CWE-1321 Prototype Pollution, arises when n8n processes XML data within its webhook handler. An attacker can submit a malicious XML payload designed to pollute the JavaScript object prototype. When this is combined with n8n's Git node, it can permit an attacker to execute code remotely on the n8n host.

What specific components and actions are involved in exploiting this vulnerability?

Exploitation requires an authenticated user with permissions to create or modify workflows. The process involves sending a crafted XML payload to the webhook handler, triggering a prototype pollution flaw in the xml2js library. This flaw can then be chained with the Git node's SSH operations to enable remote code execution.

What is the relevance of CVE-2026-42231, considering its exposure and impact?

The relevance of CVE-2026-42231 is heightened because n8n, as a web-based workflow engine, is often internet-facing to receive external webhooks. Although triggering the vulnerability requires authenticated access, the ability to achieve remote code execution on the host system makes it a critical concern for organizations using the platform.

What are the recommended actions to mitigate the risks associated with this vulnerability?

To address this vulnerability, it is crucial to update n8n to patched versions: 1.123.32, 2.17.4, or 2.18.1. If immediate patching is not possible, consider isolating vulnerable n8n instances or limiting access to workflow management functionalities to prevent exploitation.

References

Sources and related resources

Primary sources: NVD, CVE.org.

NVDPublished Modified