Description
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /chat WebSocket endpoint used by the Chat Trigger node's Hosted Chat feature did not verify that an incoming connection was authorized to interact with the target execution. An unauthenticated remote attacker who could identify a valid execution ID for a workflow in a waiting state could attach to that execution, receive the pending prompt intended for the legitimate user, and submit arbitrary input to resume or influence downstream workflow behavior. This issue has been patched in versions 1.123.32, 2.17.4, and 2.18.1.
Published: 2026-05-04
Score: 6.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An unauthenticated remote attacker who identifies a valid execution ID for a workflow waiting for a chat prompt can attach to the /chat WebSocket endpoint and send arbitrary input, thereby influencing or hijacking downstream workflow behavior. The vulnerability stems from missing authorization checks on incoming connections and is tracked as CWE-862 (missing authorization). The impact is the ability to modify the logic and output of a workflow without proper authentication, potentially leading to data leakage or unwanted external actions.

Affected Systems

The affected product is n8n by n8n-io. Versions before 1.123.32, 2.17.4, and 2.18.1 are vulnerable. Users must verify that they are running a patched release to mitigate the issue.

Risk and Exploitability

The CVSS score of 6.3 indicates a moderate severity. The EPSS score is not available, so the current exploitation probability cannot be quantified. The vulnerability is not listed in the CISA KEV catalog. The likely attack vector is an open WebSocket connection to the /chat endpoint; the attacker must discover a valid execution ID but does not need any credentials to exploit the flaw.

Generated by OpenCVE AI on May 4, 2026 at 20:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply a patch to upgrade to n8n version 1.123.32 or newer, 2.17.4 or newer, or 2.18.1 or newer.
  • If a patch cannot be applied immediately, block unauthenticated access to the /chat WebSocket endpoint using firewall rules or reverse-proxy access controls.
  • Restrict exposure of workflow execution identifiers to authorized users only and monitor for suspicious activity on the chat endpoint.

Advisories

Source: Github GHSA
ID: GHSA-f77h-j2v7-g6mw
Title: n8n Vulnerable to Hijacking of Unauthenticated Chat Execution
History

Wed, 06 May 2026 18:15:00 +0000

Type: CPEs
Values added:
  cpe:2.3:a:n8n:n8n:*:*:*:*:enterprise:node.js:*:*
  cpe:2.3:a:n8n:n8n:2.18.0:*:*:*:enterprise:node.js:*:*
Type: Metrics (cvssV3_1)
Values added:
  {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}

Wed, 06 May 2026 14:15:00 +0000

Type: Metrics (ssvc)
Values added:
  {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 05 May 2026 21:45:00 +0000

Type: First Time appeared
Values added:
  N8n
  N8n n8n
Type: Vendors & Products
Values added:
  N8n
  N8n n8n

Mon, 04 May 2026 19:00:00 +0000

Type: Description
Values added:
  n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /chat WebSocket endpoint used by the Chat Trigger node's Hosted Chat feature did not verify that an incoming connection was authorized to interact with the target execution. An unauthenticated remote attacker who could identify a valid execution ID for a workflow in a waiting state could attach to that execution, receive the pending prompt intended for the legitimate user, and submit arbitrary input to resume or influence downstream workflow behavior. This issue has been patched in versions 1.123.32, 2.17.4, and 2.18.1.
Type: Title
Values added:
  n8n: Hijacking of Unauthenticated Chat Execution
Type: Weaknesses
Values added:
  CWE-862
Type: References
Type: Metrics (cvssV4_0)
Values added:
  {'score': 6.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-06T13:47:56.890Z

Reserved: 2026-04-25T05:37:12.117Z

Link: CVE-2026-42228

Vulnrichment

Updated: 2026-05-06T13:47:53.436Z

NVD

Status: Analyzed

Published: 2026-05-04T19:16:04.900

Modified: 2026-05-06T18:08:21.630

Link: CVE-2026-42228

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-05T21:30:05Z

Weaknesses