n8n CVE-2026-44790
CRITICAL
Description (NVD)
Impact
An authenticated user with permission to create or modify workflows could inject CLI flags on the Git node's Push operation, allowing an attacker to read arbitrary files from the n8n server and potentially leading to full compromise.
Patches
The issue has been fixed in n8n versions 1.123.43, 2.20.7, and 2.22.1. Users should upgrade to one of these versions or later to remediate the vulnerability.
Workarounds
If upgrading is not immediately possible, administrators should consider the following temporary mitigations:
- Limit workflow creation and editing permissions to fully trusted users only.
- Disable the Git node by adding `n8n-nodes-base.git` to the `NODES_EXCLUDE` environment variable.
These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.
---
n8n has adopted CVSS 4.0 as the primary score for all security advisories. CVSS 3.1 vector strings are provided for backwards compatibility.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Analysis (AI)
Arbitrary file read in n8n workflow automation allows authenticated users with workflow editing permissions to inject malicious CLI flags into the Git node's Push operation, enabling access to sensitive files on the n8n server and potential full system compromise. The vulnerability affects all n8n versions prior to the patched releases (1.123.43, 2.20.7, 2.22.1) and exploits CWE-88 (argument injection) through insufficient sanitization of Git command parameters. …
Remediation (AI)
Within 24 hours: Identify all n8n instances in your environment and document current version numbers; restrict workflow editing permissions to only trusted administrators and audit recent workflow modifications for suspicious Git node activity. Within 7 days: Upgrade all n8n instances to version 1.123.43, 2.20.7, or 2.22.1 or later per vendor advisory; validate upgrade completion across all deployments. …
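One way to run the workflow audit mentioned above, as an added example (not n8n's or this page's code): it scans an exported workflow JSON for Git nodes set to Push and lists string parameters that begin with `-` or are expressions only resolved at run time. The export shape, the `operation` value `push` and the sample field names are assumptions, and the sample workflow is constructed.

```python
import json

GIT_NODE_TYPE = "n8n-nodes-base.git"  # node type named in the advisory

def _strings(value, path="parameters"):
    """Yield (path, string) for every string nested in a parameter tree."""
    if isinstance(value, str):
        yield path, value
    elif isinstance(value, dict):
        for key, item in value.items():
            yield from _strings(item, f"{path}.{key}")
    elif isinstance(value, list):
        for index, item in enumerate(value):
            yield from _strings(item, f"{path}[{index}]")

def audit_workflow(workflow):
    """Return findings for Git Push nodes whose values could reach git as a flag."""
    findings = []
    for node in workflow.get("nodes", []):
        params = node.get("parameters") or {}
        # Assumption: the operation is stored as parameters.operation == "push".
        if node.get("type") != GIT_NODE_TYPE or params.get("operation") != "push":
            continue
        for path, text in _strings(params):
            stripped = text.strip()
            if stripped.startswith("-"):
                reason = "literal value starts with '-'"
            elif stripped.startswith("="):
                # n8n expressions start with "="; the value is only known at run time.
                reason = "expression, resolved at run time"
            else:
                continue
            findings.append((node.get("name"), path, reason))
    return findings

# Constructed sample export; field names under "parameters" are illustrative.
SAMPLE = json.loads("""
{"name": "constructed-demo", "nodes": [
  {"name": "Push A", "type": "n8n-nodes-base.git",
   "parameters": {"operation": "push", "repositoryPath": "/data/repo",
                  "options": {"targetRepository": "--example-flag=value"}}},
  {"name": "Push B", "type": "n8n-nodes-base.git",
   "parameters": {"operation": "push", "repositoryPath": "={{ $json.path }}"}},
  {"name": "Status", "type": "n8n-nodes-base.git",
   "parameters": {"operation": "status", "repositoryPath": "-x"}}
]}
""")

if __name__ == "__main__":
    for name, path, reason in audit_workflow(SAMPLE):
        print(f"{name}: {path}: {reason}")
```

A finding is a prompt for manual review, not proof of abuse: expression-backed values need to be traced to the data that feeds them.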
GHSA-57g9-58c2-xjg3