Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

n8n-io — Vulnerabilities & Security Advisories 46

Browse all 46 CVE security advisories affecting n8n-io. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by n8n-io:n8n
CVE IDTitleCVSSSeverityPublished
CVE-2026-21894 n8n's Missing Stripe-Signature Verification Allows Unauthenticated Forged Webhooks — n8nCWE-290 6.5 Medium2026-01-08
CVE-2026-21877 n8n is vulnerable to Remote Code Execution via Arbitrary File Write — n8nCWE-94 10.0 Critical2026-01-08
CVE-2026-21858 n8n Vulnerable to Unauthenticated File Access via Improper Webhook Request Handling — n8nCWE-20 10.0 Critical2026-01-07
CVE-2025-68697 Self-hosted n8n has Legacy Code node that enables arbitrary file read/write — n8nCWE-269 7.1 High2025-12-26
CVE-2025-68668 n8n Vulnerable to Arbitrary Command Execution in Pyodide based Python Code Node — n8nCWE-693 9.9 Critical2025-12-26
CVE-2025-61914 n8n's Possible Stored XSS in "Respond to Webhook" Node May Execute Outside iframe Sandbox — n8nCWE-79 7.3 High2025-12-26
CVE-2025-68613 n8n Vulnerable to Remote Code Execution via Expression Injection — n8nCWE-913 10.0 Critical2025-12-19
CVE-2025-65964 n8n Vulnerable to Remote Code Execution via Git Node Custom Pre-Commit Hook — n8nCWE-829 9.8AICriticalAI2025-12-08
CVE-2025-62726 n8n Vulnerable to Remote Code Execution via Git Node Pre-Commit Hook — n8nCWE-829 8.8 High2025-10-30
CVE-2025-58177 n8n stored cross-site scripting in LangChain Chat Trigger node initialMessages parameter — n8nCWE-79 5.4 Medium2025-09-15
CVE-2025-57749 n8n has a symlink traversal vulnerability in "Read/Write File" node allows access to restricted files — n8nCWE-59 6.5 Medium2025-08-20
CVE-2025-52478 Stored XSS in n8n Form Trigger allows Account Takeover via injected iframe and video/source — n8nCWE-79 8.7 High2025-08-19
CVE-2025-52554 n8n Improper Authorization in Workflow Execution Stop Endpoint Allows Terminating Other Users’ Workflows — n8nCWE-862 5.4AIMediumAI2025-07-03
CVE-2025-49595 n8n Vulnerable to Denial of Service via Malformed Binary Data Requests — n8nCWE-400 4.9 Medium2025-07-03
CVE-2025-49592 n8n Login Flow has Open Redirect Vulnerability — n8nCWE-601 4.6 Medium2025-06-26
CVE-2025-46343 n8n Vulnerable to Stored XSS through Attachments View Endpoint — n8nCWE-79 5.0 Medium2025-04-29

This page lists every published CVE security advisory associated with n8n-io. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.