Skip to main content

n8n CVE-2026-44792

| EUVDEUVD-2026-38486 HIGH
SQL Injection (CWE-89)
2026-05-14 https://github.com/n8n-io/n8n GHSA-mhrx-qhrj-673w
8.9
CVSS 4.0 · Vendor: https://github.com/n8n-io/n8n
Share

Severity by source

Vendor (https://github.com/n8n-io/n8n) PRIMARY
8.9 HIGH
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
7.1 HIGH

Network-reachable via git but requires attacker write access to the linked repo (PR:L), admin-triggered pull (UI:R), and PostgreSQL backend plus Source Control enabled (AC:H); full DB compromise yields C/I/A:H.

3.1 AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
4.0 AV:N/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (https://github.com/n8n-io/n8n).

CVSS VectorVendor: https://github.com/n8n-io/n8n

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
A
Scope
X

Lifecycle Timeline

9
Analysis Updated
Jun 23, 2026 - 18:48 vuln.today
v5 (cvss_changed)
Analysis Updated
Jun 23, 2026 - 18:46 vuln.today
v4 (cvss_changed)
Analysis Updated
Jun 23, 2026 - 18:45 vuln.today
v3 (cvss_changed)
Analysis Updated
Jun 23, 2026 - 18:45 vuln.today
v2 (cvss_changed)
Re-analysis Queued
Jun 23, 2026 - 18:22 vuln.today
cvss_changed
CVSS changed
Jun 23, 2026 - 18:22 NVD
8.9 (HIGH)
Source Code Evidence Fetched
May 14, 2026 - 17:02 vuln.today
Analysis Generated
May 14, 2026 - 17:02 vuln.today
CVE Published
May 14, 2026 - 16:18 nvd
HIGH

DescriptionCVE.org

Impact

An attacker with write access to the git repository connected to an n8n Source Control configuration could commit a malicious Data Table JSON file containing a crafted column name. When an administrator performed a Source Control Pull, n8n imported the file and could lead to SQL injection on the internal PostgreSQL instance.

Exploitation requires all of the following conditions:

  • The n8n instance uses PostgreSQL as its database backend.
  • The Source Control feature is enabled and connected to a repository the attacker can write to.
  • An administrator triggers a Source Control Pull.

Patches

The issue has been fixed in n8n version 1.123.43, 2.20.7, and 2.21.1. Users should upgrade to this version or later to remediate the vulnerability.

Workarounds

If upgrading is not immediately possible, administrators should consider the following temporary mitigations:

  • Disable the Source Control feature if it is not actively required.
  • Restrict write access to the connected git repository to fully trusted users only.
  • Avoid pulling from repositories that may have been modified by untrusted parties.

These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.

AnalysisAI

SQL injection in n8n workflow automation platform allows an attacker with write access to a connected git repository to execute arbitrary SQL against the internal PostgreSQL database when an administrator performs a Source Control Pull. The flaw stems from unsafe handling of column names within Data Table JSON files imported during sync. No public exploit identified at time of analysis, and EPSS exploitation probability is very low at 0.04%.

Technical ContextAI

n8n is a Node.js-based workflow automation platform distributed via npm. Its Source Control feature synchronizes workflow and Data Table definitions with an external git repository. The vulnerability is a classic CWE-89 SQL injection: column names extracted from attacker-controlled Data Table JSON files are concatenated into SQL statements executed against the backing PostgreSQL instance without proper identifier quoting or allowlist validation. The flaw only manifests on PostgreSQL deployments - affected packages are npm/n8n versions below 1.123.43, the 2.20.x line before 2.20.7, and the 2.21.x line before 2.21.1.

RemediationAI

Vendor-released patches are available: upgrade to n8n 1.123.43, 2.20.7, or 2.21.1 (or later) per the GitHub advisory at https://github.com/n8n-io/n8n/security/advisories/GHSA-mhrx-qhrj-673w. If immediate upgrade is not possible, disable the Source Control feature entirely when not required (this removes the import code path but also removes the workflow-sync capability), restrict write access to the connected git repository to a small set of fully trusted maintainers, and avoid performing Source Control Pull operations against any repository that may have been touched by untrusted contributors. These workarounds reduce but do not eliminate exposure and should be treated as short-term mitigations only.

CVE-2025-1094 HIGH POC
8.1 Feb 13

PostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() improperl

CVE-2024-55964 CRITICAL POC
9.8 Mar 26

An issue was discovered in Appsmith before 1.52. Rated critical severity (CVSS 9.8), this vulnerability is remotely expl

CVE-2013-1899 MEDIUM POC
6.5 Apr 04

Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows re

CVE-2026-20253 CRITICAL POC
9.8 Jun 10

Unauthenticated arbitrary file write in Splunk Enterprise (below 10.2.4 and 10.0.7) and Splunk Cloud Platform (below 10.

CVE-2017-7546 CRITICAL
9.8 Aug 16

PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allow

CVE-2015-1352 MEDIUM POC
5.0 Mar 30

The build_tablename function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP through 5.6.7 does not validate t

CVE-2024-10553 CRITICAL POC
9.8 Mar 20

A vulnerability in the h2oai/h2o-3 REST API versions 3.46.0.4 allows unauthenticated remote attackers to execute arbitra

CVE-2019-9193 HIGH POC
7.2 Apr 01

In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pg_execute_serve

CVE-2026-40887 CRITICAL POC
9.1 Apr 14

## Summary An unauthenticated SQL injection vulnerability exists in the Vendure Shop API. A user-controlled query strin

CVE-2022-24760 CRITICAL POC
10.0 Mar 12

Parse Server is an open source http web server backend. Rated critical severity (CVSS 10.0), this vulnerability is remot

CVE-2025-56157 CRITICAL POC
9.8 Dec 18

Hard-coded default PostgreSQL credentials shipped in the docker-compose.yaml of langgenius Dify through version 1.5.1 al

CVE-2024-12909 CRITICAL POC
9.8 Mar 20

A vulnerability in the FinanceChatLlamaPack of the run-llama/llama_index repository, versions up to v0.12.3, allows for

Share

CVE-2026-44792 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy