Description
n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, an authenticated user with permission to create or modify workflows could pollute the sandbox used by the Merge node's SQL Query mode. Because the sandbox context was cached and reused across all workflow executions on the instance, prototype mutations introduced by one user's workflow persist into subsequent Merge SQL executions belonging to other users or projects. This allowed a low-privileged attacker to intercept workflow data processed by other users on the same instance. This issue only affects multi-user n8n instances where more than one user has permission to create and execute workflows containing the Merge node in SQL Query mode. This vulnerability is fixed in 2.25.7 and 2.26.2.
Published: 2026-06-23
Score: 6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A prototype pollution flaw (CWE‑488) is present in the Merge node’s SQL Query mode. Prior to version 2.25.7 and 2.26.2, an authenticated user with permission to create or modify workflows could pollute the sandbox used by that node. Because the sandbox context is cached and reused across all workflow executions on the instance, prototype mutations introduced by a user’s workflow persist into subsequent Merge SQL executions belonging to other users or projects. This allows a low‑privileged attacker to intercept workflow data processed by other users on the same instance, leading to confidential information leakage across users. The issue only affects multi‑user n8n instances where multiple users have permission to create and execute workflows that contain the Merge node in SQL Query mode.

Affected Systems

All n8n installations running versions earlier than 2.25.7 or 2.26.2 on a multi‑user deployment are affected. Single‑user or single‑user‑mode instances are not impacted.

Risk and Exploitability

The vulnerability is rated CVSS 6, indicating moderate severity. EPSS is not available and the flaw is not listed in CISA KEV, suggesting it is not known to have been widely exploited. Exploitation requires an authenticated user with workflow creation or modification rights, so the attack surface is limited to the same n8n instance. An attacker can use the polluted sandbox to read data belonging to other users breach.

Generated by OpenCVE AI on June 24, 2026 at 11:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade n8n to version 2.25.7 or 2.26.2 (or later) to apply the official fix.
  • Restrict workflow creation and modification permissions to trusted users only.
  • If possible, disable the Merge node’s SQL Query mode for unprivileged users or remove the node entirely when it is not required.

Generated by OpenCVE AI on June 24, 2026 at 11:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-9c38-2mcm-q7f7 n8n: Merge Node SQL Mode Prototype Pollution
History

Wed, 24 Jun 2026 16:15:00 +0000

Type Values Removed Values Added
First Time appeared N8n
N8n n8n
Vendors & Products N8n
N8n n8n

Tue, 23 Jun 2026 18:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 23 Jun 2026 15:45:00 +0000

Type Values Removed Values Added
Description n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, an authenticated user with permission to create or modify workflows could pollute the sandbox used by the Merge node's SQL Query mode. Because the sandbox context was cached and reused across all workflow executions on the instance, prototype mutations introduced by one user's workflow persist into subsequent Merge SQL executions belonging to other users or projects. This allowed a low-privileged attacker to intercept workflow data processed by other users on the same instance. This issue only affects multi-user n8n instances where more than one user has permission to create and execute workflows containing the Merge node in SQL Query mode. This vulnerability is fixed in 2.25.7 and 2.26.2.
Title n8n: Merge Node SQL Mode Prototype Pollution
Weaknesses CWE-488
References
Metrics cvssV4_0

{'score': 6, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-23T17:45:39.586Z

Reserved: 2026-06-12T18:42:02.222Z

Link: CVE-2026-54311

cve-icon Vulnrichment

Updated: 2026-06-23T17:45:32.378Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-24T16:00:06Z

Weaknesses
  • CWE-488

    Exposure of Data Element to Wrong Session