Skip to content
CVSS 8.8 · HIGH

CVE-2026-42232

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows could achieve global prototype pollution via the XML Node leading to RCE when combined with other nodes exploiting the prototype pollution. This issue has been patched in versions 1.123.32, 2.17.4, and 2.18.1.

View on NVD

Analysis

n8n versions prior to 1.123.32, 2.17.4, and 2.18.1 are vulnerable to a prototype pollution attack via the XML Node. Authenticated users with workflow permissions can exploit this to achieve Remote Code Execution (RCE) on the host, making it critical for self-hosted installations to update immediately.

Severity

Score: 8.8(HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AV: NETWORK
AC: LOW
PR: LOW
UI: NONE
S: UNCHANGED
C: HIGH
I: HIGH
A: HIGH
Weakness (CWE): CWE-1321

EPSS

Probability of exploitation (next 30 days): 0.0005 (0.1%)
Percentile: 16.3%
EPSS: 2026-05-06

Affects

n8n:n8n

Technical description

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows could achieve global prototype pollution via the XML Node leading to RCE when combined with other nodes exploiting the prototype pollution. This issue has been patched in versions 1.123.32, 2.17.4, and 2.18.1.

Published: 5/4/2026, 7:16:05 PM
Last modified: 5/6/2026, 5:15:28 PM

References

HomeEventsBlogResourcesTeam