Severity by source
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-reachable EE endpoints exploitable by any authenticated user (PR:L), no UI; scope changes as victim's OAuth integrations on other systems are impacted; token revocation gives partial availability impact.
Primary rating from Vendor (https://github.com/n8n-io/n8n).
CVSS VectorVendor: https://github.com/n8n-io/n8n
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
6DescriptionCVE.org
Impact
Three EE endpoints used by the Dynamic Credentials feature accepted any authenticated n8n session without performing per-resource ownership or scope checks on the target workflow or credential. An authenticated user with no project membership or credential sharing relationship could enumerate credential identifiers, names, and types referenced by any private workflow in the instance, initiate an OAuth authorization flow against another user's credential to overwrite its stored tokens with tokens bound to an account they control, or revoke another user's stored credential tokens entirely.
Workflows relying on a hijacked credential would subsequently execute under the attacker's OAuth identity, enabling data exfiltration to attacker-controlled external services and persistent takeover of integrations. Token revocation would break affected workflows.
This issue only affects Enterprise instances where the Dynamic Credentials feature is enabled.
Patches
The issue has been fixed in n8n versions 1.123.55, 2.25.7, and 2.26.2. Users should upgrade to one of these versions or later to remediate the vulnerability.
Workarounds
If upgrading is not immediately possible, administrators should consider the following temporary mitigations:
- Restrict n8n instance access to fully trusted users only.
- If the Dynamic Credentials feature is not actively required, disable it by unsetting
N8N_ENV_FEAT_DYNAMIC_CREDENTIALS.
These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.
AnalysisAI
Cross-tenant credential takeover in n8n Enterprise allows any authenticated user to hijack OAuth credentials belonging to other tenants when the Dynamic Credentials feature is enabled. Three EE endpoints failed to enforce per-resource ownership checks, letting attackers enumerate credentials across private workflows, overwrite stored OAuth tokens with attacker-controlled tokens, or revoke victim tokens entirely. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Requires an n8n Enterprise instance with the Dynamic Credentials feature explicitly enabled via the N8N_ENV_FEAT_DYNAMIC_CREDENTIALS environment variable, plus any valid authenticated session on the instance (no project membership, role, or sharing relationship with the target resource is required, consistent with CVSS PR:L). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 vector (AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L) scores 8.9 and accurately reflects a network-exploitable, low-privilege flaw with high confidentiality and integrity impact on both the vulnerable and subsequent systems - the subsequent-system impact is meaningful here because hijacked OAuth tokens grant access to third-party SaaS integrations (Google, Slack, GitHub, etc.). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker provisions or compromises any low-privilege n8n account on a vulnerable Enterprise instance, then calls the unprotected Dynamic Credentials EE endpoints to enumerate credential IDs referenced by other tenants' private workflows. The attacker initiates an OAuth authorization flow against a chosen victim credential, completing it with their own account so that the victim's stored tokens are overwritten with attacker-bound tokens. … |
| Remediation | Vendor-released patch: upgrade to n8n 1.123.55, 2.25.7, or 2.26.2 (or later) depending on the release line in use, as documented in GHSA-2j5h-858j-5mpf (https://github.com/n8n-io/n8n/security/advisories/GHSA-2j5h-858j-5mpf). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Disable Dynamic Credentials if non-essential and audit access logs for suspicious activity. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-200 – Information Exposure
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-38476
GHSA-2j5h-858j-5mpf