Impact
n8n is an open‑source workflow automation platform. Prior to versions 1.123.43, 2.22.1, and 2.20.7, an authenticated user with permission to create or modify workflows could bypass a previously applied patch for CVE‑2026‑42232 in the XML node. This flaw allows a prototype‑pollution attack that can result in arbitrary code execution on the host when the malicious workflow is run alongside other nodes. The weakness is classified as CWE‑1321.
Affected Systems
The vulnerability affects the n8n workflow automation platform distributed by n8n-io. All releases older than 1.123.43, 2.22.1, and 2.20.7 are susceptible; those releases lack the critical patch that mitigates the XML node issue.
Risk and Exploitability
The CVSS score of 9.4 indicates the flaw is critical. An EPSS score is not available, so the probability of exploitation remains uncertain; however, the lack of a KEV listing does not diminish the risk. Based on the description, it is inferred that the attack vector is internal, requiring an authenticated session with workflow edit rights, after which the attacker can manipulate the XML node to inject malicious code and achieve remote code execution on the n8n host.
OpenCVE Enrichment
Github GHSA