CVE-2026-33751
LDAP Injection in n8n LDAP Node Allows Unauthorized Data Access
Publication date: 2026-03-25
Last updated on: 2026-03-27
Assigner: GitHub, Inc.
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| n8n | n8n | Up to 1.123.27 (exc) |
| n8n | n8n | From 2.0.0 (inc) to 2.13.3 (exc) |
| n8n | n8n | 2.14.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-90 | The product constructs all or part of an LDAP query using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended LDAP query when it is sent to a downstream component. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
CVE-2026-33751 is an LDAP Injection vulnerability that allows attackers to manipulate LDAP queries, potentially retrieving unauthorized LDAP records or bypassing authentication checks. Such unauthorized access to sensitive data could lead to violations of data protection regulations like GDPR or HIPAA, which require strict controls on access to personal and protected health information.
Because the vulnerability can result in unauthorized data disclosure or access control bypass, affected organizations may face compliance risks if the vulnerability is exploited and sensitive data is exposed or improperly accessed.
Mitigations such as upgrading to fixed versions or applying temporary workarounds are necessary to reduce the risk of non-compliance due to this vulnerability.
Can you explain this vulnerability to me?
CVE-2026-33751 is a moderate severity LDAP Injection vulnerability in the LDAP node of the n8n workflow automation platform. The issue arises because LDAP metacharacters in user-controlled input are not properly escaped when interpolated into LDAP search filters. This flaw allows an attacker, when a workflow is configured to pass external user input (such as from forms or webhooks) into the LDAP node's search parameters, to manipulate the LDAP filter.
By exploiting this vulnerability, an attacker can retrieve unintended LDAP records or bypass authentication checks implemented in the workflow. The vulnerability is due to improper neutralization of special elements used in an LDAP query, also known as LDAP Injection.
The issue has been fixed in n8n versions 1.123.27, 2.13.3, and 2.14.1. Users are advised to upgrade to these or later versions to remediate the vulnerability.
How can this vulnerability impact me?
This vulnerability can impact you by allowing an attacker to remotely manipulate LDAP queries within your n8n workflows without requiring any privileges or user interaction.
The attacker could retrieve unauthorized LDAP records or bypass authentication checks, potentially exposing sensitive information or allowing unauthorized access.
The impact on confidentiality and integrity is considered low, and there is no impact on availability.
If your workflows use the LDAP node with user-controlled input passed via expressions, this vulnerability could be exploited unless you upgrade or apply mitigations.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves identifying workflows in n8n that use the LDAP node with user-controlled input passed via expressions into LDAP search parameters. Since exploitation requires specific workflow configurations where external input (e.g., from forms or webhooks) is interpolated into LDAP filters without proper escaping, reviewing such workflows is essential.
There are no specific commands provided to detect this vulnerability on your network or system.
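As an added example (not n8n's own code or tooling), the following script performs the workflow review described above: it scans an exported n8n workflow JSON for nodes of type `n8n-nodes-base.ldap` whose parameters are driven by expressions, which is the configuration the advisory says exploitation requires. It assumes the export has a top-level `nodes` array with `type`, `name` and `parameters`, and that n8n expressions are strings starting with `=` and containing `{{ ... }}`; the LDAP parameter names in the sample workflow are hypothetical.

```javascript
const LDAP_NODE_TYPE = 'n8n-nodes-base.ldap';
// n8n expression parameters are strings of the form "={{ ... }}" (assumption).
const EXPRESSION_RE = /^=.*\{\{[\s\S]*\}\}/;

// Recursively collect parameter paths whose value is an n8n expression.
function findExpressionParams(params, path = []) {
  const hits = [];
  if (typeof params === 'string') {
    if (EXPRESSION_RE.test(params)) hits.push({ path: path.join('.'), value: params });
  } else if (params && typeof params === 'object') {
    for (const [key, value] of Object.entries(params)) {
      hits.push(...findExpressionParams(value, [...path, key]));
    }
  }
  return hits;
}

// One finding per LDAP node that has expression-driven parameters.
function findRiskyLdapNodes(workflow) {
  const findings = [];
  for (const node of workflow.nodes || []) {
    if (node.type !== LDAP_NODE_TYPE) continue;
    const exprs = findExpressionParams(node.parameters || {});
    if (exprs.length === 0) continue;
    // Expressions reading $json / $input / $('Node') carry upstream data, which may
    // originate from a webhook or form and therefore be attacker-controlled.
    const fromUpstream = exprs.some((e) => /\$(json|input|\('.*'\))/.test(e.value));
    findings.push({ node: node.name, expressions: exprs, fromUpstream });
  }
  return findings;
}

// Constructed sample workflow: a Webhook feeding an LDAP search whose filter embeds the
// request body. Parameter names (searchFor, baseDN) are hypothetical.
const sampleWorkflow = {
  nodes: [
    { name: 'Webhook', type: 'n8n-nodes-base.webhook', parameters: { path: 'login' } },
    { name: 'LDAP', type: 'n8n-nodes-base.ldap',
      parameters: { operation: 'search', baseDN: 'dc=example,dc=com',
                    searchFor: '={{ "(uid=" + $json.body.username + ")" }}' } },
    { name: 'LDAP static', type: 'n8n-nodes-base.ldap',
      parameters: { operation: 'search', searchFor: '(objectClass=person)' } },
  ],
};

console.log(JSON.stringify(findRiskyLdapNodes(sampleWorkflow), null, 2));
```

To review real workflows, replace `sampleWorkflow` with `JSON.parse(fs.readFileSync(path))` over each exported workflow file; nodes flagged with `fromUpstream: true` are the ones to inspect first.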
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability immediately, users should upgrade n8n to versions 1.123.27, 2.13.3, 2.14.1, or later, where the issue is fixed. If an upgrade cannot be performed right away, the following workarounds reduce exposure:
- Limit workflow creation and editing permissions to fully trusted users only.
- Disable the LDAP node by adding `n8n-nodes-base.ldap` to the `NODES_EXCLUDE` environment variable.
- Avoid passing unvalidated external user input into LDAP node search parameters via expressions.
Note that these workarounds do not fully remediate the risk and should only be used as short-term mitigation measures until an upgrade can be performed.