The n8n workflow automation software, in versions prior to 2, contains a vulnerability that could be leveraged by attackers to compromise the application environment.

This vulnerability affects n8n prior to version 2. The flaw potentially exposes critical internal functions to unauthorized manipulation, significantly increasing the risk of workflow subversion or data leakage.

The CVSS score of 8.2 confirms a High-severity risk, which could result in the compromise of automated business processes, unauthorized execution of workflows, or access to sensitive integrated data. Failure to remediate this vulnerability could lead to significant operational disruption and loss of confidentiality for automated enterprise services.

Immediate Action: Upgrade all n8n instances to version 2 or the latest patched release immediately.

Proactive Monitoring: Monitor workflow execution logs for unauthorized changes or attempts to execute workflows with elevated privileges.

Compensating Controls: Restrict administrative access to the n8n interface by placing the instance behind a VPN or an authenticated proxy service.

Public Exploit Available: false

Organizations utilizing n8n must treat this vulnerability with high priority. We recommend an immediate upgrade to version 2 to eliminate the security gap and prevent potential exploitation of your automated business workflows.