Description
n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, a prototype pollution vulnerability allowed a crafted public webhook payload to inject attacker-controlled fields into workflow data during internal object copying. These fields could be surfaced and consumed as normal values by downstream built-in nodes. Where a workflow combines a public webhook with action nodes that consume the resulting fields, an attacker could cause the workflow to act as a confused deputy — targeting unintended records or issuing outbound requests using the workflow owner's configured credentials. This vulnerability is fixed in 2.25.7 and 2.26.2.
Published: 2026-06-23
Score: 6.3 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a prototype pollution flaw that allows an attacker to inject malicious fields into workflow data when a public webhook is used. These injected fields are then passed to downstream built-in nodes, causing the workflow to perform operations as if they were legitimate inputs. If the workflow contains action nodes that act on data derived from the webhook, an attacker could drive the workflow to target unintended records or send unauthorized requests using the workflow owner's credentials, effectively hijacking the workflow as a confused deputy.

Affected Systems

This issue affects n8n-io's n8n platform in all releases prior to 2.25.7 and 2.26.2. Users running any earlier version that exposes public webhooks should consider this vulnerability present.

Risk and Exploitability

The CVSS score of 6.3 reflects the medium severity of this prototype-pollution-based confused-deputy flaw. No EPSS score is available, so no exploitation-probability estimate has been published, and the vulnerability is not listed in the CISA KEV catalog. Because the malicious payload is transmitted through a public webhook HTTP endpoint, the likely attack vector is external over the network: an attacker sends a crafted request whose injected properties are then consumed by downstream nodes as ordinary workflow values.

Generated by OpenCVE AI on June 23, 2026 at 22:06 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade n8n to version 2.25.7 or later, or to 2.26.2 if using the 2.26 branch.
  • If an immediate upgrade is not possible, restrict the exposure of public webhook endpoints to trusted IP addresses or internal networks.
  • Implement input validation or sanitization for webhook payloads to block unexpected fields before they are processed by downstream nodes.
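The third action above is the one a workflow owner can apply without a release. The following is an added example, not n8n's own code: it assumes the webhook body arrives as JSON text and is parsed with `JSON.parse`, rejects any body that carries a prototype-polluting key at any depth, and otherwise produces a copy that never writes through the prototype chain.

```javascript
// Added example (not n8n code): vet a public-webhook JSON body before a workflow copies it.
const POLLUTING_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

// Return the JSON path of the first prototype-polluting key at any depth, or null.
function findPollutingKey(value, path = '$') {
  if (Array.isArray(value)) {
    for (let i = 0; i < value.length; i++) {
      const hit = findPollutingKey(value[i], `${path}[${i}]`);
      if (hit !== null) return hit;
    }
    return null;
  }
  if (value !== null && typeof value === 'object') {
    // JSON.parse keeps a literal "__proto__" key as an own property, so Object.keys sees it.
    for (const key of Object.keys(value)) {
      if (POLLUTING_KEYS.has(key)) return `${path}.${key}`;
      const hit = findPollutingKey(value[key], `${path}.${key}`);
      if (hit !== null) return hit;
    }
  }
  return null;
}

// Deep copy that drops polluting keys and copies only own enumerable data.
function safeCopy(value) {
  if (Array.isArray(value)) return value.map(safeCopy);
  if (value !== null && typeof value === 'object') {
    const out = {};
    for (const key of Object.keys(value)) {
      if (POLLUTING_KEYS.has(key)) continue;
      // defineProperty never invokes prototype-chain setters, unlike `out[key] = v`.
      Object.defineProperty(out, key, { value: safeCopy(value[key]), enumerable: true, writable: true, configurable: true });
    }
    return out;
  }
  return value; // string, number, boolean or null pass through unchanged
}

// Gate for a webhook handler: reject a polluting body, otherwise hand the workflow a sanitised copy.
function acceptWebhookBody(rawJson) {
  const body = JSON.parse(rawJson);
  const bad = findPollutingKey(body);
  if (bad !== null) return { ok: false, reason: `forbidden key at ${bad}` };
  return { ok: true, data: safeCopy(body) };
}

// Constructed sample bodies (not taken from the advisory).
const CLEAN_BODY = '{"customer":{"id":42,"tags":["vip"]}}';
const CRAFTED_BODY = '{"customer":{"id":42},"__proto__":{"recordId":"injected"}}';
```

Rejecting rather than silently stripping keeps the event visible in the webhook's access log, which is the signal a detection rule would key on.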


Advisories
Source: GitHub GHSA
ID: GHSA-2vff-hj5x-8gq7
Title: n8n: Prototype Pollution enables confused-deputy execution via public webhooks
History

Tue, 23 Jun 2026 16:45:00 +0000

Values removed: none

Values added:
  • Description: identical to the Description at the top of this page.
  • Title: n8n: Prototype Pollution enables confused-deputy execution via public webhooks
  • Weaknesses: CWE-1321
  • References: (none)
  • Metrics: cvssV4_0 {'score': 6.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-23T15:43:12.318Z

Reserved: 2026-06-12T17:46:37.294Z

Link: CVE-2026-54306

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-23T22:15:04Z

Weaknesses
  • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')