Skip to main content

n8n EUVDEUVD-2026-38477

| CVE-2026-54302 HIGH
Cross-site Scripting (XSS) (CWE-79)
2026-06-16 https://github.com/n8n-io/n8n GHSA-42h7-m79w-wvg5
7.0
CVSS 4.0 · Vendor: https://github.com/n8n-io/n8n
Share

Severity by source

Vendor (https://github.com/n8n-io/n8n) PRIMARY
7.0 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
7.6 HIGH

Network-reachable web UI, authenticated workflow editor required (PR:L), victim must visit chat URL (UI:R), and XSS in n8n origin crosses to the victim's session context (S:C).

3.1 AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (https://github.com/n8n-io/n8n).

CVSS VectorVendor: https://github.com/n8n-io/n8n

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
P
Scope
X

Lifecycle Timeline

6
Analysis Updated
Jun 23, 2026 - 18:41 vuln.today
v3 (cvss_changed)
Analysis Updated
Jun 23, 2026 - 18:40 vuln.today
v2 (cvss_changed)
Re-analysis Queued
Jun 23, 2026 - 18:22 vuln.today
cvss_changed
CVSS changed
Jun 23, 2026 - 18:22 NVD
7.6 (HIGH) 7.0 (HIGH)
Source Code Evidence Fetched
Jun 17, 2026 - 00:09 vuln.today
Analysis Generated
Jun 17, 2026 - 00:09 vuln.today

DescriptionCVE.org

Impact

An authenticated user with workflow edit access could inject arbitrary JavaScript into the Chat Trigger's generated page by setting a malicious webhookId. When a logged-in user visited the chat URL, the injected code executed in the n8n origin with that user's session privileges.

Patches

The issue has been fixed in n8n versions 1.123.55, 2.25.7, and 2.26.2. Users should upgrade to one of these versions or later to remediate the vulnerability.

Workarounds

If upgrading is not immediately possible, administrators should consider the following temporary mitigations:

  • Limit workflow creation and editing permissions to fully trusted users only.
  • Disable the Chat Trigger node by adding @n8n/n8n-nodes-langchain.chatTrigger to the NODES_EXCLUDE environment variable.

These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.

AnalysisAI

Stored cross-site scripting in n8n workflow automation platform allows authenticated users with workflow edit permissions to inject arbitrary JavaScript via the Chat Trigger node's webhookId parameter. When a logged-in user visits the chat URL, the injected code executes in the n8n origin with the victim's session privileges, enabling account takeover. No public exploit identified at time of analysis, but a vendor-released patch is available.

Technical ContextAI

n8n is a popular open-source workflow automation platform distributed via npm (pkg:npm/n8n). The vulnerability is a CWE-79 (Improper Neutralization of Input During Web Page Generation, i.e., Cross-Site Scripting) flaw in the Chat Trigger node provided by the @n8n/n8n-nodes-langchain package. The webhookId field, which forms part of the chat URL and is rendered into the generated chat page, is insufficiently sanitized, allowing an attacker to break out of the intended HTML/JS context and inject script that runs same-origin in the n8n web UI.

RemediationAI

Vendor-released patch: upgrade n8n to 1.123.55, 2.25.7, or 2.26.2 (or later), as appropriate for your release track, per the GitHub Security Advisory at https://github.com/n8n-io/n8n/security/advisories/GHSA-42h7-m79w-wvg5. If immediate upgrade is not possible, restrict workflow creation and editing permissions to fully trusted users only to reduce the pool of potential injectors, and disable the Chat Trigger node by adding @n8n/n8n-nodes-langchain.chatTrigger to the NODES_EXCLUDE environment variable - the trade-off is that any existing chat-based workflows will stop functioning. These workarounds are partial and should be treated as bridging measures, not a substitute for patching.

Share

EUVD-2026-38477 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy