External risk intelligence

n8n Authenticated User Arbitrary File Read Leading to Server Compromise.

CVE advisorySeverity: CRITICAL (CVSS 9.4)

CVE-2026-44790

n8n is a workflow automation platform often deployed as a web application. While it can be internet-facing, this specific vulnerability requires an authenticated user with existing permissions to modify workflows, which typically restricts the exploit path to authorized users rather than anonymous public internet traffic.

Halo Surface Signal: 3 out of 5 — possibly public-facing.

External exposure likelihood

Horizon Alert

Summary of the vulnerability and why it matters

This advisory concerns a critical vulnerability identified in n8n, an open-source workflow automation platform. An authenticated user with specific permissions could potentially exploit this flaw to access arbitrary files on the server, which may lead to a complete system compromise. The primary concern is confirming the relevance and exposure of this vulnerability within your environment.

  • Authenticated users could read server files.
  • Affects workflow automation, a critical business function.
  • Verify if your n8n instances are affected.

Attack Path

How an attacker could exploit the issue

An attacker with authenticated access and the ability to modify workflows can inject malicious commands into the Git node's Push operation. This allows them to read sensitive files from the n8n server, potentially leading to a complete system compromise.

  • Requires authenticated user access.
  • Involves injecting CLI flags on Git Push.
  • Can lead to server file disclosure.

Live Threat

Current exploitation, exposure, and threat context

An authenticated user with workflow modification permissions could potentially read arbitrary files from the n8n server by injecting CLI flags on the Git node's Push operation. This could lead to a full compromise of the server when supported by the advisory.

  • Server files could be exposed.
  • Injected CLI flags could cause leakage.
  • Full server compromise may occur.

Operational Fix

Recommended remediation, mitigation, and detection steps

The n8n platform's owner or the team responsible for its infrastructure should lead the response to this vulnerability. The first step is to identify all n8n instances, confirm their reachability and business criticality, and then assign an owner for remediation planning.

  • Own the issue: n8n instance owners.
  • Verify first: Reachability and critical workflows.
  • Action: Plan controlled updates.

Supplementary metadata

Validate whether this threat affects your internet-facing exposure.

Halo Threat Intelligence helps prioritize remediation with Halo Surface Signal and H/A/L/O context. Start exposure validation with a free external attack surface trial.

Frequently asked questions

What is n8n and how is it used?

n8n is an open-source platform designed for workflow automation, allowing users to connect various applications and services through visual nodes. It acts as a bridge to automate tasks and data movement across different systems, often hosted on a server to manage ongoing background processes and integrations for business operations.

What does CWE-88 mean for CVE-2026-44790?

CVE-2026-44790 involves CWE-88, which is the Argument Injection weakness class. This means the application improperly handles user-provided input that is passed to a command-line interface. In this case, an attacker can manipulate input to the Git node's Push operation to trick the server into running unauthorized flags, effectively extending the command and accessing unintended files.

How can an attacker trigger this vulnerability?

An attacker needs existing authenticated access to the n8n environment with specific permissions to create or modify workflows. By targeting the Git node's Push operation, they can inject malicious command-line flags. Users who do not have permission to edit or create workflows cannot trigger this behavior, as the flaw relies on the ability to manipulate the workflow configuration itself.

Is my n8n instance at risk based on Halo Surface Signal?

Halo Surface Signal notes that while n8n is often deployed as a web application, this specific flaw requires authenticated access rather than anonymous internet access. You should evaluate if your internal or external instances have users with workflow-modification permissions who could potentially abuse this, as the risk is primarily tied to authorized user accounts.

How do I respond to this n8n vulnerability?

First, locate all running n8n instances within your environment and check their current version. If you are using a version prior to 1.123.43, 2.22.1, or 2.20.7, plan an update to the latest patched release. Assign an owner to oversee the update process and verify that access controls for workflow modifications are strictly managed to limit internal risk while preparing for the deployment.

References