CVE-2026-42232
Undergoing Analysis Undergoing Analysis - In Progress
Prototype Pollution to RCE in n8n Workflow Automation

Publication date: 2026-05-04

Last updated on: 2026-05-06

Assigner: GitHub, Inc.

Description
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows could achieve global prototype pollution via the XML Node leading to RCE when combined with other nodes exploiting the prototype pollution. This issue has been patched in versions 1.123.32, 2.17.4, and 2.18.1.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-04
Last Modified
2026-05-06
Generated
2026-05-07
AI Q&A
2026-05-05
EPSS Evaluated
2026-05-05
NVD
CVE-2026-42232
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
n8n n8n to 1.123.32 (exc)
n8n n8n 2.18.0
n8n n8n From 2.17.0 (inc) to 2.17.4 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1321 The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability affects the n8n workflow automation platform. Before certain patched versions, an authenticated user with permission to create or modify workflows could exploit a flaw in the XML Node to perform global prototype pollution. Prototype pollution is a type of attack that manipulates the prototype of a base object, potentially altering the behavior of the application. In this case, when combined with other nodes that also exploit prototype pollution, it could lead to remote code execution (RCE), allowing an attacker to execute arbitrary code on the system.


How can this vulnerability impact me? :

The vulnerability can have severe impacts because it allows an authenticated user with workflow creation or modification permissions to achieve remote code execution on the system. This means an attacker could potentially take full control of the affected system, execute arbitrary commands, manipulate workflows, access sensitive data, or disrupt services.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, you should upgrade n8n to one of the patched versions: 1.123.32, 2.17.4, or 2.18.1.

This vulnerability affects versions prior to these releases and involves an authenticated user with permission to create or modify workflows exploiting global prototype pollution via the XML Node.

Applying the update will prevent the prototype pollution and potential remote code execution.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart