CVE-2026-42232
Undergoing Analysis Undergoing Analysis - In Progress

Prototype Pollution to RCE in n8n Workflow Automation

Vulnerability report for CVE-2026-42232, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-05-04

Last updated on: 2026-05-06

Assigner: GitHub, Inc.

Description

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows could achieve global prototype pollution via the XML Node leading to RCE when combined with other nodes exploiting the prototype pollution. This issue has been patched in versions 1.123.32, 2.17.4, and 2.18.1.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-05-04
Last Modified
2026-05-06
Generated
2026-07-06
AI Q&A
2026-05-05
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 3 associated CPEs
Vendor Product Version / Range
n8n n8n to 1.123.32 (exc)
n8n n8n 2.18.0
n8n n8n From 2.17.0 (inc) to 2.17.4 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1321 The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability affects the n8n workflow automation platform. Before certain patched versions, an authenticated user with permission to create or modify workflows could exploit a flaw in the XML Node to perform global prototype pollution. Prototype pollution is a type of attack that manipulates the prototype of a base object, potentially altering the behavior of the application. In this case, when combined with other nodes that also exploit prototype pollution, it could lead to remote code execution (RCE), allowing an attacker to execute arbitrary code on the system.

Impact Analysis

The vulnerability can have severe impacts because it allows an authenticated user with workflow creation or modification permissions to achieve remote code execution on the system. This means an attacker could potentially take full control of the affected system, execute arbitrary commands, manipulate workflows, access sensitive data, or disrupt services.

Mitigation Strategies

To mitigate this vulnerability, you should upgrade n8n to one of the patched versions: 1.123.32, 2.17.4, or 2.18.1.

This vulnerability affects versions prior to these releases and involves an authenticated user with permission to create or modify workflows exploiting global prototype pollution via the XML Node.

Applying the update will prevent the prototype pollution and potential remote code execution.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-42232. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart