Description
n8n is an open source workflow automation platform. Prior to 2.24.0, an authenticated user with permission to create or modify workflows could achieve global prototype pollution via the Microsoft SQL node by supplying a crafted value as the table parameter. This pollutes Object.prototype process-wide for the lifetime of the n8n server process, causing application-wide validation failures and rendering the n8n instance completely non-functional until restarted. This vulnerability is fixed in 2.24.0.
Published: 2026-06-23
Score: 7.2 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Prior to 2.24.0, an authenticated user with permission to create or modify workflows could achieve global prototype pollution via the Microsoft SQL node by supplying a crafted value as the table parameter. This pollutes Object.prototype process-wide for the lifetime of the n8n server process, causing application-wide validation failures and rendering the n8n instance completely non-functional until it is restarted. This vulnerability is fixed in 2.24.0.

Affected Systems

The issue affects installations of the n8n automation platform from the vendor n8n-io. All versions earlier than 2.24.0 are vulnerable. The 2.24.0 release includes the fix.

Risk and Exploitability

The CVSS score of 7.2 reflects a significant risk, and the EPSS score is not available in the CISA KEV catalog. Exploitation requires the ability to create or modify workflows, so an attacker must already have legitimate access or be able to compromise an account with such rights. Once triggered, the pollution remains until the n8n process is restarted, causing a denial of service to all users.

Generated by OpenCVE AI on June 24, 2026 at 11:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade n8n to version 2.24.0 or later to remove the prototype pollution flaw.
  • Restrict workflow creation and modification privileges to trusted users only, minimizing the window of opportunity for an attacker.
  • Perform an immediate restart of the n8n process to clear Object.prototype; however, this provides only temporary relief until a patch is applied.

Generated by OpenCVE AI on June 24, 2026 at 11:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-x6p3-m6h9-fx7r n8n: Microsoft SQL Node Prototype Pollution
History

Thu, 25 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 24 Jun 2026 16:15:00 +0000

Type Values Removed Values Added
First Time appeared N8n
N8n n8n
Vendors & Products N8n
N8n n8n

Tue, 23 Jun 2026 15:45:00 +0000

Type Values Removed Values Added
Description n8n is an open source workflow automation platform. Prior to 2.24.0, an authenticated user with permission to create or modify workflows could achieve global prototype pollution via the Microsoft SQL node by supplying a crafted value as the table parameter. This pollutes Object.prototype process-wide for the lifetime of the n8n server process, causing application-wide validation failures and rendering the n8n instance completely non-functional until restarted. This vulnerability is fixed in 2.24.0.
Title n8n: Microsoft SQL Node Prototype Pollution
Weaknesses CWE-1321
References
Metrics cvssV4_0

{'score': 7.2, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-23T16:07:55.303Z

Reserved: 2026-06-12T18:42:02.222Z

Link: CVE-2026-54312

cve-icon Vulnrichment

Updated: 2026-06-23T16:07:51.872Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-24T16:00:06Z

Weaknesses
  • CWE-1321

    Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')