Search criteria
Related vulnerabilities
GHSA-MHRX-QHRJ-673W
Vulnerability from github – Published: 2026-05-14 16:18 – Updated: 2026-05-14 16:18
VLAI
Summary
n8n Has a Source Control Pull SQL Injection
Details
Impact
An attacker with write access to the git repository connected to an n8n Source Control configuration could commit a malicious Data Table JSON file containing a crafted column name. When an administrator performed a Source Control Pull, n8n imported the file and could lead to SQL injection on the internal PostgreSQL instance.
Exploitation requires all of the following conditions: - The n8n instance uses PostgreSQL as its database backend. - The Source Control feature is enabled and connected to a repository the attacker can write to. - An administrator triggers a Source Control Pull.
Patches
The issue has been fixed in n8n version 1.123.43, 2.20.7, and 2.21.1. Users should upgrade to this version or later to remediate the vulnerability.
Workarounds
If upgrading is not immediately possible, administrators should consider the following temporary mitigations: - Disable the Source Control feature if it is not actively required. - Restrict write access to the connected git repository to fully trusted users only. - Avoid pulling from repositories that may have been modified by untrusted parties.
These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.
Severity
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "n8n"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.123.43"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "n8n"
},
"ranges": [
{
"events": [
{
"introduced": "2.21.0"
},
{
"fixed": "2.21.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "n8n"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.0-rc.0"
},
{
"fixed": "2.20.7"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-44792"
],
"database_specific": {
"cwe_ids": [
"CWE-89"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-14T16:18:00Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "## Impact\nAn attacker with write access to the git repository connected to an n8n Source Control configuration could commit a malicious Data Table JSON file containing a crafted column name. When an administrator performed a Source Control Pull, n8n imported the file and could lead to SQL injection on the internal PostgreSQL instance.\n\nExploitation requires all of the following conditions:\n- The n8n instance uses PostgreSQL as its database backend.\n- The Source Control feature is enabled and connected to a repository the attacker can write to.\n- An administrator triggers a Source Control Pull.\n\n## Patches\nThe issue has been fixed in n8n version 1.123.43, 2.20.7, and 2.21.1. Users should upgrade to this version or later to remediate the vulnerability.\n\n## Workarounds\nIf upgrading is not immediately possible, administrators should consider the following temporary mitigations:\n- Disable the Source Control feature if it is not actively required.\n- Restrict write access to the connected git repository to fully trusted users only.\n- Avoid pulling from repositories that may have been modified by untrusted parties.\n\nThese workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.",
"id": "GHSA-mhrx-qhrj-673w",
"modified": "2026-05-14T16:18:00Z",
"published": "2026-05-14T16:18:00Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-mhrx-qhrj-673w"
},
{
"type": "PACKAGE",
"url": "https://github.com/n8n-io/n8n"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"type": "CVSS_V4"
}
],
"summary": "n8n Has a Source Control Pull SQL Injection"
}
WID-SEC-W-2026-1519
Vulnerability from csaf_certbund - Published: 2026-05-12 22:00 - Updated: 2026-05-17 22:00Summary
n8n: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: n8n ist ein Workflow-Automatisierungstool, mit dem verschiedene Anwendungen und Dienste miteinander verbunden werden können, um Aufgaben zu automatisieren.
Angriff: Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in n8n ausnutzen, um beliebigen Programmcode auszuführen, Sicherheitsmaßnahmen zu umgehen, SQL-Injection-Angriffe durchzuführen, Daten zu manipulieren oder vertrauliche Informationen offenzulegen.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
n8n n8n <2.21.1
n8n / n8n
|
<2.21.1 | ||
|
n8n n8n <2.20.7
n8n / n8n
|
<2.20.7 | ||
|
n8n n8n <2.22.1
n8n / n8n
|
<2.22.1 | ||
|
n8n n8n <1.123.43
n8n / n8n
|
<1.123.43 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
n8n n8n <2.21.1
n8n / n8n
|
<2.21.1 | ||
|
n8n n8n <2.20.7
n8n / n8n
|
<2.20.7 | ||
|
n8n n8n <2.22.1
n8n / n8n
|
<2.22.1 | ||
|
n8n n8n <1.123.43
n8n / n8n
|
<1.123.43 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
n8n n8n <2.21.1
n8n / n8n
|
<2.21.1 | ||
|
n8n n8n <2.20.7
n8n / n8n
|
<2.20.7 | ||
|
n8n n8n <2.22.1
n8n / n8n
|
<2.22.1 | ||
|
n8n n8n <1.123.43
n8n / n8n
|
<1.123.43 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
n8n n8n <2.21.1
n8n / n8n
|
<2.21.1 | ||
|
n8n n8n <2.20.7
n8n / n8n
|
<2.20.7 | ||
|
n8n n8n <1.123.43
n8n / n8n
|
<1.123.43 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
n8n n8n <2.21.1
n8n / n8n
|
<2.21.1 | ||
|
n8n n8n <2.20.7
n8n / n8n
|
<2.20.7 | ||
|
n8n n8n <1.123.43
n8n / n8n
|
<1.123.43 |
Vulnerability 6
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
n8n n8n <2.20.0
n8n / n8n
|
<2.20.0 | ||
|
n8n n8n <1.123.43
n8n / n8n
|
<1.123.43 |
References
8 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "n8n ist ein Workflow-Automatisierungstool, mit dem verschiedene Anwendungen und Dienste miteinander verbunden werden k\u00f6nnen, um Aufgaben zu automatisieren.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in n8n ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, SQL-Injection-Angriffe durchzuf\u00fchren, Daten zu manipulieren oder vertrauliche Informationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1519 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1519.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1519 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1519"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-3875-8gcx-7v46 vom 2026-05-12",
"url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-3875-8gcx-7v46"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-57g9-58c2-xjg3 vom 2026-05-12",
"url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-57g9-58c2-xjg3"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-6h4j-wcr9-2vg7 vom 2026-05-12",
"url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-6h4j-wcr9-2vg7"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-c8xv-5998-g76h vom 2026-05-12",
"url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-c8xv-5998-g76h"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-mhrx-qhrj-673w vom 2026-05-12",
"url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-mhrx-qhrj-673w"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-wrwr-h859-xh2r vom 2026-05-12",
"url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-wrwr-h859-xh2r"
}
],
"source_lang": "en-US",
"title": "n8n: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-05-17T22:00:00.000+00:00",
"generator": {
"date": "2026-05-18T05:46:13.889+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-1519",
"initial_release_date": "2026-05-12T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-05-12T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-05-17T22:00:00.000+00:00",
"number": "2",
"summary": "Erg\u00e4nzung Version 2.21.1; Anpassung Versionszuordnungen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2.20.0",
"product": {
"name": "n8n n8n \u003c2.20.0",
"product_id": "T054013"
}
},
{
"category": "product_version",
"name": "2.20.0",
"product": {
"name": "n8n n8n 2.20.0",
"product_id": "T054013-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:n8n:n8n:2.20.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.123.43",
"product": {
"name": "n8n n8n \u003c1.123.43",
"product_id": "T054014"
}
},
{
"category": "product_version",
"name": "1.123.43",
"product": {
"name": "n8n n8n 1.123.43",
"product_id": "T054014-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:n8n:n8n:1.123.43"
}
}
},
{
"category": "product_version_range",
"name": "\u003c2.22.1",
"product": {
"name": "n8n n8n \u003c2.22.1",
"product_id": "T054015"
}
},
{
"category": "product_version",
"name": "2.22.1",
"product": {
"name": "n8n n8n 2.22.1",
"product_id": "T054015-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:n8n:n8n:2.22.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c2.20.7",
"product": {
"name": "n8n n8n \u003c2.20.7",
"product_id": "T054016"
}
},
{
"category": "product_version",
"name": "2.20.7",
"product": {
"name": "n8n n8n 2.20.7",
"product_id": "T054016-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:n8n:n8n:2.20.7"
}
}
},
{
"category": "product_version_range",
"name": "\u003c2.21.1",
"product": {
"name": "n8n n8n \u003c2.21.1",
"product_id": "T054228"
}
},
{
"category": "product_version",
"name": "2.21.1",
"product": {
"name": "n8n n8n 2.21.1",
"product_id": "T054228-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:n8n:n8n:2.21.1"
}
}
}
],
"category": "product_name",
"name": "n8n"
}
],
"category": "vendor",
"name": "n8n"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-44789",
"product_status": {
"known_affected": [
"T054228",
"T054016",
"T054015",
"T054014"
]
},
"release_date": "2026-05-12T22:00:00.000+00:00",
"title": "CVE-2026-44789"
},
{
"cve": "CVE-2026-44790",
"product_status": {
"known_affected": [
"T054228",
"T054016",
"T054015",
"T054014"
]
},
"release_date": "2026-05-12T22:00:00.000+00:00",
"title": "CVE-2026-44790"
},
{
"cve": "CVE-2026-44791",
"product_status": {
"known_affected": [
"T054228",
"T054016",
"T054015",
"T054014"
]
},
"release_date": "2026-05-12T22:00:00.000+00:00",
"title": "CVE-2026-44791"
},
{
"cve": "CVE-2026-44792",
"product_status": {
"known_affected": [
"T054228",
"T054016",
"T054014"
]
},
"release_date": "2026-05-12T22:00:00.000+00:00",
"title": "CVE-2026-44792"
},
{
"cve": "CVE-2026-45732",
"product_status": {
"known_affected": [
"T054228",
"T054016",
"T054014"
]
},
"release_date": "2026-05-12T22:00:00.000+00:00",
"title": "CVE-2026-45732"
},
{
"product_status": {
"known_affected": [
"T054013",
"T054014"
]
},
"release_date": "2026-05-12T22:00:00.000+00:00"
}
]
}