Description
n8n before version 2.4.0 contains a SQL injection vulnerability in the MySQL, PostgreSQL, and Microsoft SQL nodes that allows authenticated users to inject arbitrary SQL through unescaped identifier values in node configuration parameters. Attackers with workflow creation permissions can supply specially crafted table or column names to execute unauthorized database commands and compromise data integrity.
Published: 2026-06-24
Score: 5.3 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a SQL injection flaw in the MySQL, PostgreSQL, and Microsoft SQL nodes of n8n. It occurs when unescaped identifier values are used in node configuration parameters, allowing an attacker with workflow creation permissions to inject arbitrary SQL. This can lead to unauthorized database commands, violating data integrity and potentially exposing or deleting data.

Affected Systems

The affected vendor is n8n and the product is n8n. Versions prior to 2.4.0 are vulnerable, specifically the database nodes that integrate with MySQL, PostgreSQL, and Microsoft SQL Server within n8n workflows.

Risk and Exploitability

The CVSS score of 5.3 indicates moderate severity. With no EPSS available and not listed in KEV, the exploitation risk is lower but still present. The likely attack vector requires an authenticated user with workflow creation permissions on the n8n instance. Once authenticated, the attacker can supply specially crafted table or column names to manipulate the database, compromising data integrity.

Generated by OpenCVE AI on June 24, 2026 at 13:26 UTC.
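The flaw described above is an identifier injection: table and column names cannot be passed as bind parameters, so a node that concatenates them verbatim hands the attacker part of the statement. The following is an added example, not code from n8n or from the advisory, contrasting that pattern with dialect-correct identifier quoting plus a schema allowlist; the dialect names, the allowlist contents and the crafted identifier are constructed for illustration.

```javascript
// Added example (not n8n's own code): embedding user-supplied table and column
// names in SQL for MySQL, PostgreSQL and Microsoft SQL Server.  Identifiers
// cannot be bound as query parameters, so the defences are dialect-correct
// quoting (doubling the closing delimiter) and an allowlist taken from the schema.

const DIALECTS = {
  mysql:    { open: '`', close: '`', placeholder: '?' },
  postgres: { open: '"', close: '"', placeholder: '$1' },
  mssql:    { open: '[', close: ']', placeholder: '@p1' },
};

// Quote one identifier; any embedded closing delimiter is doubled so it cannot
// terminate the quoted name early.
function quoteIdentifier(dialect, name) {
  const d = DIALECTS[dialect];
  if (!d) throw new Error(`unknown dialect: ${dialect}`);
  if (typeof name !== 'string' || name.length === 0 || name.includes('\0')) {
    throw new Error('identifier must be a non-empty string');
  }
  return d.open + name.split(d.close).join(d.close + d.close) + d.close;
}

// Vulnerable pattern (what the advisory describes): configuration values are
// concatenated verbatim, so a crafted table name becomes part of the statement.
function buildSelectUnsafe(table, column) {
  return `SELECT ${column} FROM ${table}`;
}

// Hardened pattern: identifiers must appear in the allowlist and are quoted for
// the target dialect; the data value travels as a bind parameter.
function buildSelectSafe(dialect, allowed, table, column, value) {
  if (!Object.prototype.hasOwnProperty.call(allowed, table) ||
      !allowed[table].includes(column)) {
    throw new Error(`identifier not permitted: ${table}.${column}`);
  }
  const t = quoteIdentifier(dialect, table);
  const c = quoteIdentifier(dialect, column);
  const sql = `SELECT ${c} FROM ${t} WHERE ${c} = ${DIALECTS[dialect].placeholder}`;
  return { sql, params: [value] };
}

// Constructed allowlist, as a schema-introspection step would produce it.
const ALLOWED = { users: ['id', 'email'] };

// Constructed hostile identifier: passed through untouched by the unsafe
// builder, rejected by the allowlist, and neutralised by quoting.
const CRAFTED = 'users`; --';
```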

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade n8n to version 2.4.0 or later.
  • Restrict workflow creation permissions to trusted users to reduce the attack surface.
  • Monitor database activity for unauthorized queries to detect potential exploitation.

Generated by OpenCVE AI on June 24, 2026 at 13:26 UTC.

Advisories

Source: GitHub GHSA
ID: GHSA-f3f2-mcxc-pwjx
Title: n8n: SQL Injection in MySQL, PostgreSQL, and Microsoft SQL nodes

History

Wed, 24 Jun 2026 13:30:00 +0000

Values added:
  Metrics, ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 24 Jun 2026 12:00:00 +0000

Values added:
  Description: n8n before version 2.4.0 contains a sql injection vulnerability in MySQL, PostgreSQL, and Microsoft SQL nodes that allows authenticated users to inject arbitrary SQL through unescaped identifier values in node configuration parameters. Attackers with workflow creation permissions can supply specially crafted table or column names to execute unauthorized database commands and compromise data integrity.
  Title: n8n - SQL Injection in MySQL, PostgreSQL, and Microsoft SQL Nodes
  First Time appeared: N8n, N8n n8n
  Weaknesses: CWE-89
  CPEs: cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:*
  Vendors & Products: N8n, N8n n8n
  References:
  Metrics, cvssV3_1: {'score': 8.2, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N'}
  Metrics, cvssV4_0: {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-24T12:42:36.248Z

Reserved: 2026-06-20T18:13:07.364Z

Link: CVE-2026-56351

Vulnrichment

Updated: 2026-06-24T12:42:32.747Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-24T17:15:04Z

Weaknesses
  • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')