CVE-2026-54052

czlonkowski · n8n-mcp

A multi-tenancy authorization bypass in n8n-mcp allows authenticated tenants to access, modify, or delete sensitive workflow backups belonging to other tenants.

Executive summary

A critical authorization bypass in n8n-mcp enables authenticated tenants to access and destroy data belonging to other users in a multi-tenant environment.

Vulnerability

The software fails to properly isolate local workflow backups when multi-tenancy is enabled. An authenticated tenant can manipulate directory paths to read or delete snapshots, credentials, and configuration data from other tenants.

Business impact

Successful exploitation leads to a complete loss of data confidentiality and integrity for all tenants sharing the instance. Attackers can steal sensitive credentials, authorization headers, and proprietary workflow logic, resulting in significant operational disruption and compliance risks. The 9.9 CVSS score reflects the severe impact on multi-tenant isolation.

Remediation

Immediate Action: Update czlonkowski n8n-mcp to version 2.56.1 or later to enforce correct tenant isolation.

Proactive Monitoring: Review audit logs for unauthorized access patterns or unexpected file deletion activity within the backup storage directories.

Compensating Controls: If immediate patching is not possible, disable multi-tenant mode or restrict access to the affected service to trusted networks.

Exploitation status

Public Exploit Available: No

Analyst recommendation

The vulnerability represents a fundamental failure in the multi-tenancy security model of the software. Administrators must treat this as a high-priority update to prevent cross-tenant data exposure and potential administrative compromise of the n8n-mcp service.