Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Local attack requiring low-privilege access to invoke the file endpoint; unchanged scope and partial C/I/A reflect limited traversal impact bounded by process permissions.
Primary rating from Vendor (VulDB).
CVSS VectorVendor: VulDB
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
A vulnerability was identified in makafeli n8n-workflow-builder up to 0.11.0. Affected is an unknown function of the file build/server.cjs of the component update_node_from_file. The manipulation of the argument filePath leads to path traversal. An attack has to be approached locally. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.
AnalysisAI
Path traversal in makafeli n8n-workflow-builder (versions up to 0.11.0) allows a local low-privileged attacker to manipulate the filePath argument in the update_node_from_file function within build/server.cjs, enabling arbitrary file reads and writes outside the intended directory scope. A publicly available proof-of-concept exists on GitHub (issue #28), and the vendor has not responded to the coordinated disclosure. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Local access to the host running n8n-workflow-builder is required - remote network exploitation is not possible given AV:L in the CVSS 4.0 vector. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 base score of 4.8 (Medium) is derived from a local attack vector (AV:L), low complexity (AC:L), no attack requirements (AT:N), low privileges required (PR:L), no user interaction (UI:N), and low confidentiality, integrity, and availability impact on the vulnerable system with no scope change to subsequent systems. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | A local attacker with low-level access to the host running n8n-workflow-builder - such as a developer account or a process that has achieved initial foothold - calls the update_node_from_file endpoint and supplies a crafted filePath value containing directory traversal sequences (e.g., ../../../../etc/passwd) to read sensitive system files or overwrite application files outside the intended directory. A public POC demonstrating this technique is available at GitHub issue #28, reducing the skill required for exploitation. |
| Remediation | No vendor-released patch identified at time of analysis - the maintainer has not responded to the disclosure reported via GitHub issue #28 (https://github.com/makafeli/n8n-workflow-builder/issues/28). … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-43261
GHSA-pjp8-f5mg-f25p