n8n

Top products

The 15 most recently published vulnerabilities affecting n8n.

• CVE-2026-42237n8n: SQL Injection in Snowflake and MySQL Nodes8.8May 4, 2026
• CVE-2026-42236n8n: Unauthenticated Denial of Service via MCP Client Registration7.5May 4, 2026
• CVE-2026-42235n8n: XSS via MCP OAuth client9.6May 4, 2026
• CVE-2026-42234n8n: Python Task Runner Sandbox Escape8.8May 4, 2026
• CVE-2026-42233n8n: SQL Injection in Oracle Database Node via Limit Field9.8May 4, 2026
• CVE-2026-42232n8n: XML Node Prototype Pollution to RCE8.8May 4, 2026
• CVE-2026-42231n8n: Prototype Pollution in XML Webhook Body Parser Leads to RCE8.8May 4, 2026
• CVE-2026-42230n8n: Open Redirect in MCP OAuth Consent Flow6.1May 4, 2026
• CVE-2026-42229n8n: SQL Injection in SeaTable Node8.8May 4, 2026
• CVE-2026-42228n8n: Hijacking of Unauthenticated Chat Execution6.5May 4, 2026
• CVE-2026-42227n8n: Public API Variables IDOR Allows Cross-Project Secret Disclosure6.5May 4, 2026
• CVE-2026-42226n8n: Credential Authorization Bypass in dynamic-node-parameters Allows Foreign API Key Replay7.5May 4, 2026
• CVE-2026-33751n8n Vulnerable to LDAP Filter Injection in LDAP Node4.8Mar 25, 2026
• CVE-2026-33749n8n Vulnerable to XSS via Binary Data Inline HTML Rendering9.0Mar 25, 2026
• CVE-2026-33724n8n's Source Control SSH Configuration Uses StrictHostKeyChecking=no7.4Mar 25, 2026