CVE-2026-42282
Information Disclosure in n8n-MCP Server
Publication date: 2026-05-08
Last updated on: 2026-05-08
Assigner: GitHub, Inc.
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| n8n | mcp | up to 2.47.13 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-532 | The product writes sensitive information to a log file. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in n8n-MCP server versions prior to 2.47.13 when running in HTTP transport mode. Authenticated MCP tools/call requests have their full arguments and JSON-RPC parameters logged by the server before any redaction occurs. If these requests contain credential material, such as bearer tokens, OAuth credentials, API keys, or webhook authentication headers, these sensitive values can be written in raw form to server logs.
Because logs may be collected, forwarded to external systems, or accessible outside the trusted request boundary (for example, shared log storage, SIEM pipelines, or support/operations access), this can lead to unintended disclosure of sensitive credentials. The vulnerability requires authentication to exploit, so unauthenticated users cannot trigger it. A console-silencing layer reduces runtime exposure but is fragile and does not prevent the sensitive data from being constructed and passed to the logger.
This issue has been fixed in version 2.47.13.
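The pattern the advisory describes is a logger that receives the raw tools/call parameters, with a console-silencing layer trying to hide them afterwards. The fix is to redact before the log line exists. The following is an added example, not n8n-mcp's own code; the key deny-list, the function names and the sample request (including its credential values) are constructed for illustration.

```javascript
// Added example, not n8n-mcp's own code: redact credential-bearing fields of
// an MCP tools/call request *before* the log line is built, so the raw secret
// is never handed to the logger.  The key deny-list and the sample request
// below are constructed for illustration, not taken from the project.

// Keys whose values are treated as secrets wherever they appear in the params.
const SENSITIVE_KEY_RE =
  /(password|passwd|secret|token|api[_-]?key|authorization|cookie|credential)/i;
// Values that are secrets regardless of their key (e.g. a webhook auth header).
const BEARER_VALUE_RE = /^bearer\s+\S+/i;
const REDACTED = "[REDACTED]";

// Return a deep copy of `value` with secrets replaced; the input is untouched.
function redact(value) {
  if (Array.isArray(value)) return value.map(redact);
  if (value !== null && typeof value === "object") {
    const out = {};
    for (const [key, inner] of Object.entries(value)) {
      // A sensitive key hides its whole subtree, whatever its shape.
      out[key] = SENSITIVE_KEY_RE.test(key) ? REDACTED : redact(inner);
    }
    return out;
  }
  if (typeof value === "string" && BEARER_VALUE_RE.test(value)) {
    return `Bearer ${REDACTED}`;
  }
  return value;
}

// Vulnerable shape described by the advisory: the raw params reach the
// logger, and only a console-silencing layer stands between them and the log.
function formatForLogUnsafe(rpcRequest) {
  return `${rpcRequest.method} ${JSON.stringify(rpcRequest.params)}`;
}

// Fixed shape: redact first, then build the log line from the safe copy.
function formatForLog(rpcRequest) {
  return `${rpcRequest.method} ${JSON.stringify(redact(rpcRequest.params))}`;
}

// Constructed sample request (hypothetical credential payload, not a capture).
const SAMPLE_REQUEST = {
  jsonrpc: "2.0",
  id: 7,
  method: "tools/call",
  params: {
    name: "n8n_manage_credentials",
    arguments: {
      action: "create",
      data: {
        name: "Example API",
        type: "httpHeaderAuth",
        data: { name: "Authorization", value: "Bearer example-token-0123456789" },
        apiKey: "sk-example-key",
      },
    },
  },
};

// Secrets from the sample that must never appear in the emitted line.
const SAMPLE_SECRETS = ["example-token-0123456789", "sk-example-key"];

// True if any of `secrets` survives in `line`; used to check the fix.
function leaksSecret(line, secrets) {
  return secrets.some((s) => line.includes(s));
}

console.log("unsafe leaks:", leaksSecret(formatForLogUnsafe(SAMPLE_REQUEST), SAMPLE_SECRETS));
console.log("fixed  leaks:", leaksSecret(formatForLog(SAMPLE_REQUEST), SAMPLE_SECRETS));
console.log(formatForLog(SAMPLE_REQUEST));
```

Redacting by key name is deliberately conservative (a key such as credentialId is also masked), and the value-level bearer check catches header values stored under neutral keys like "value". Because redact() returns a copy, the handler still receives the original parameters; only the logger sees the masked form.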
How can this vulnerability impact me?
The vulnerability can lead to the exposure of sensitive credential material such as bearer tokens, OAuth credentials, API keys, and webhook authentication headers through server logs.
If these logs are accessible to unauthorized personnel or external systems, attackers or unauthorized users could gain access to these credentials, potentially allowing them to impersonate users, access protected resources, or perform unauthorized actions within the system.
Since the vulnerability requires authentication, the risk is limited to authenticated users, but the impact remains significant due to the sensitive nature of the leaked information.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, upgrade n8n-MCP to version 2.47.13 or later, where the issue has been patched.
Additionally, avoid running n8n-MCP in HTTP transport mode if possible, or restrict access to authenticated users only, since the issue requires authentication.
Review and secure log storage and forwarding mechanisms to prevent unauthorized access to sensitive logged data.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability causes sensitive credential material, such as bearer tokens, OAuth credentials, API keys, and secret-bearing payloads, to be logged in plaintext before any redaction occurs. If these logs are collected, forwarded, or accessible outside the trusted boundary, it can lead to unauthorized disclosure of sensitive information.
Such unauthorized disclosure of sensitive credentials can negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of sensitive data and credentials to prevent data breaches and unauthorized access.
Therefore, this vulnerability increases the risk of non-compliance with these regulations due to potential exposure of sensitive authentication and credential information through logs.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves sensitive MCP tool-call arguments, including credentials, being logged in plaintext in server logs when n8n-mcp runs in HTTP transport mode prior to version 2.47.13.
To detect this vulnerability on your system, you should inspect the server logs for any presence of sensitive information such as bearer tokens, OAuth credentials, API keys, webhook authentication headers, or other secret-bearing payloads that appear in the logs in raw form.
Since the issue is related to logging of JSON-RPC parameters and tool-call arguments, searching the logs for keywords like 'n8n_manage_credentials.data', 'bearer token', 'OAuth', 'API key', or other known secret patterns can help identify if sensitive data is being exposed.
Suggested commands to search logs (assuming logs are stored in text files):
- grep -i 'bearer' /path/to/n8n-mcp/logs/*
- grep -i 'oauth' /path/to/n8n-mcp/logs/*
- grep -i 'api_key' /path/to/n8n-mcp/logs/*
- grep -i 'n8n_manage_credentials.data' /path/to/n8n-mcp/logs/*
- grep -Eo '"[a-zA-Z0-9_-]{20,}"' /path/to/n8n-mcp/logs/* # to find long strings that may be secrets
Additionally, review your logging configuration and access controls to ensure logs are not accessible outside trusted boundaries.
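As an added example that is not part of this page or of n8n-mcp, the grep checks above can be expressed as a small scanner that runs over exported log lines and reports each hit with a masked preview, so the scan report does not itself become another copy of the secret. The rules, the tool names other than n8n_manage_credentials, and the log lines are constructed for illustration.

```javascript
// Added example, not n8n-mcp's own code: a programmatic version of the grep
// checks above.  It scans exported log lines for credential material that a
// pre-2.47.13 HTTP-transport server could have written in raw form and
// reports each hit with a masked preview.  Rules, tool names other than
// n8n_manage_credentials, and log lines are constructed for illustration.

const RULES = [
  // "Authorization: Bearer <token>" style values, wherever they appear.
  { name: "bearer-token", re: /bearer\s+([A-Za-z0-9._~+/=-]{8,})/i },
  // JSON fields whose key names a secret.
  { name: "json-secret-field",
    re: /"(?:api[_-]?key|password|secret|token|access_token|client_secret)"\s*:\s*"([^"]{4,})"/i },
  // Serialised request headers carrying an Authorization value.
  { name: "auth-header", re: /"authorization"\s*:\s*"([^"]+)"/i },
  // The credential-management tool call with its data payload logged.
  { name: "credential-tool-call", re: /n8n_manage_credentials[^\n]*"data"\s*:\s*(\{[^\n]*\})/i },
  // Long opaque strings that are often keys or tokens (cf. the grep -Eo check above).
  { name: "long-opaque-string", re: /"([A-Za-z0-9_-]{32,})"/ },
];

// Keep only enough of the matched value to locate it, never the whole secret.
function mask(secret) {
  return `${secret.slice(0, 4)}***(${secret.length} chars)`;
}

// Return one finding per (line, rule) match: { line, rule, preview }.
function scanLogLines(lines) {
  const findings = [];
  lines.forEach((text, index) => {
    for (const rule of RULES) {
      const m = rule.re.exec(text);
      if (m) findings.push({ line: index + 1, rule: rule.name, preview: mask(m[1]) });
    }
  });
  return findings;
}

// Constructed sample log lines (not real captures).
const SAMPLE_LOG_LINES = [
  '2026-05-08T10:00:01Z debug tools/call {"name":"n8n_manage_credentials","arguments":{"action":"create","data":{"type":"httpHeaderAuth","apiKey":"sk-example-0123456789abcdef"}}}',
  '2026-05-08T10:00:02Z debug tools/call {"name":"example_webhook_tool","arguments":{"headers":{"Authorization":"Bearer eyJexampleheader.eyJexamplepayload.signature"}}}',
  "2026-05-08T10:00:03Z info session started transport=http",
  '2026-05-08T10:00:04Z debug tools/call {"name":"example_list_workflows","arguments":{"limit":10}}',
  '2026-05-08T10:00:05Z debug tools/call {"name":"example_webhook_tool","arguments":{"value":"0123456789abcdef0123456789abcdef01234567"}}',
];

for (const f of scanLogLines(SAMPLE_LOG_LINES)) {
  console.log(`line ${f.line}: ${f.rule} -> ${f.preview}`);
}
```

A line can trigger several rules (the credential-management call above is reported both as a credential-tool-call and as a json-secret-field), which is useful for triage: a hit on the long-opaque-string rule alone is a weaker signal than one that also names the secret's key. Any confirmed hit means the logged credential should be rotated, since the log file has to be treated as an exposure regardless of who has read it so far.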