External risk intelligence

n8n Workflow Automation RCE via XML Node Bypass

CVE advisorySeverity: CRITICAL (CVSS 9.4)

CVE-2026-44791

n8n is a workflow automation platform frequently deployed as a web-accessible service or API gateway to integrate with external systems and webhooks. While the vulnerability requires authentication, the platform's role as a centralized integration and automation hub means its interface is commonly reachable via the public internet in many operational deployments.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

External exposure likelihood

Horizon Alert

Summary of the vulnerability and why it matters

This advisory addresses a critical vulnerability in the n8n open-source workflow automation platform. An authenticated user with specific permissions could exploit a bypass of a previous security fix, potentially leading to remote code execution on the n8n host when combined with other workflow components. The primary concern is to confirm if this technology is in use and, if so, to understand the exposure.

  • Authenticated users can execute arbitrary code.
  • Automation platform central to business processes.
  • Assess n8n usage and exposure risks.

Attack Path

How an attacker could exploit the issue

An attacker could exploit this vulnerability by first gaining authenticated access to n8n, a workflow automation platform. Once authenticated, they would need the ability to create or modify workflows. By manipulating the XML node within a workflow, particularly in conjunction with other nodes, the attacker could trigger the vulnerability, potentially leading to remote code execution on the n8n host.

  • Requires authenticated user with workflow permissions.
  • Triggered by modifying XML node in workflows.
  • Risk of remote code execution.

Live Threat

Current exploitation, exposure, and threat context

This vulnerability could allow an authenticated user to execute arbitrary code on the n8n host when specific workflow configurations are met. The system data and behavior of the n8n service itself may be affected.

  • n8n host system data.
  • Authenticated workflow modification.
  • Remote code execution on host.

Operational Fix

Recommended remediation, mitigation, and detection steps

Application owners and platform teams are likely responsible for managing n8n instances, as it's an open-source workflow automation platform. The first practical step involves identifying all deployed n8n instances, assessing their reachability and business criticality, and then coordinating with the accountable owner to plan remediation, focusing on instances that are externally accessible or handle sensitive data.

  • Ownership: Application or platform teams.
  • Verify first: Instance reachability and criticality.
  • Action: Plan and execute remediation.

Supplementary metadata

Validate whether this threat affects your internet-facing exposure.

Halo Threat Intelligence helps prioritize remediation with Halo Surface Signal and H/A/L/O context. Start exposure validation with a free external attack surface trial.

Frequently asked questions

What is n8n and what is it used for?

n8n is an open-source workflow automation platform designed to connect various applications and services. Users rely on it to build complex automated processes by chaining together different nodes, which act as building blocks for tasks. Because it serves as a central hub for integrating external systems, APIs, and webhooks, it often acts as the engine that powers cross-platform data movement and business logic execution.

What does CVE-2026-44791 mean in plain English?

CVE-2026-44791 is a vulnerability classified as CWE-1321, or improper control of generation of code. It involves a flaw where an authenticated user can bypass a previously implemented security fix related to how the software handles XML data. By manipulating the XML node in a specific way, an attacker can trick the platform into executing unintended commands, which can escalate to full remote code execution on the server hosting the n8n instance.

How is this vulnerability triggered?

To trigger this issue, an attacker must have authenticated access to the n8n instance and the permissions required to create or modify workflows. Simply having an account is not enough; the user must actively configure a workflow using the vulnerable XML node, typically in combination with other nodes. This means it is not triggered by casual browsing or unauthorized access, but rather by the deliberate misuse of existing workflow-building capabilities.

Why should I care about CVE-2026-44791?

According to Halo Surface Signal, n8n is frequently deployed as a web-accessible service or API gateway, making its interface commonly reachable via the public internet. If your instance is exposed to the internet, the risk increases because an attacker does not need internal network access to reach the login page. Even if it is internal, any user with workflow-creation privileges could potentially compromise the host system, making it a priority for organizations using the platform.

How do I address this CVE?

The most effective way to address this vulnerability is to update your n8n software to the fixed versions: 1.123.43, 2.22.1, or 2.20.7. Start by inventorying all your deployed n8n instances to determine which ones are running older versions. Prioritize updates for instances that are externally accessible or handle sensitive business data. Coordinate with your platform teams to apply the update and verify that your workflows function as expected after the patch.

References