Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network API exploitable by an authenticated member (PR:L), no UI; credential disclosure crosses authorization boundary (S:C, C:H), no integrity or availability impact on n8n itself.
Primary rating from Vendor (https://github.com/n8n-io/n8n).
CVSS VectorVendor: https://github.com/n8n-io/n8n
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
5DescriptionCVE.org
Impact
A member-level user with editor access to a shared workflow could reference credentials they do not own via specific public API endpoints. Credential ownership checks were only enforced partially leading to cross-user credential access.
This issue affects instances where workflow sharing is enabled and at least one workflow has been shared with a member-level user as an Editor.
Patches
The issue has been fixed in n8n versions 1.123.55, 2.25.7, and 2.26.2. Users should upgrade to one of these versions or later to remediate the vulnerability.
Workarounds
If upgrading is not immediately possible, administrators should consider the following temporary mitigations:
- Restrict workflow sharing to fully trusted users only.
- Audit shared workflows for unexpected credential references or recent modifications.
These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.
Credits: Momen Elkhouli
AnalysisAI
Cross-user credential access in n8n workflow automation platform allows member-level users with Editor access to shared workflows to reference credentials owned by other users via specific public API endpoints. The flaw stems from incomplete ownership checks (CWE-863) and affects versions prior to 1.123.55, between 2.0.0-rc.0 and 2.25.7, and between 2.26.0 and 2.26.2. No public exploit identified at time of analysis, but the vulnerability enables credential exfiltration in multi-tenant n8n deployments where workflow sharing is enabled.
Technical ContextAI
n8n is a fair-code workflow automation platform distributed as the npm package 'n8n' that orchestrates integrations across SaaS services using stored credentials. The vulnerability is rooted in CWE-863 (Incorrect Authorization): the public API endpoints that resolve credential references attached to a workflow performed only partial ownership verification, checking workflow access but failing to verify that the requesting user owned (or was granted access to) the referenced credentials. As a result, an Editor on a shared workflow could invoke API calls that disclosed or operated against credentials belonging to the workflow owner or other users, breaking the platform's role-based access control model.
RemediationAI
Vendor-released patches are available: upgrade to n8n 1.123.55, 2.25.7, or 2.26.2 (or any later release on the corresponding branch) per the GHSA advisory at https://github.com/n8n-io/n8n/security/advisories/GHSA-pmqw-72cg-wx85. If immediate upgrade is not possible, restrict workflow sharing to fully trusted users only (acknowledging this reduces collaboration capability) and audit all currently shared workflows for unexpected credential references or recent modifications by Editor-role users; these workarounds reduce but do not eliminate the risk and should be considered short-term only. Operators should also rotate any credentials stored in n8n that were referenced by shared workflows on vulnerable instances, since prior exfiltration cannot be ruled out from configuration alone.
Same weakness CWE-863 – Incorrect Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-38478
GHSA-pmqw-72cg-wx85