Executive Summary

CVE-2026-54307 is a high-severity vulnerability in n8n, an open-source workflow automation platform. It occurs in versions prior to 1.123.55, 2.25.7, and 2.26.2. The issue allows a member-level user with editor access to a shared workflow to access credentials they do not own by exploiting specific public API endpoints. This happens because credential ownership checks were only partially enforced, leading to cross-user credential access. The vulnerability affects instances where workflow sharing is enabled and at least one workflow has been shared with an editor-level user.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can lead to unauthorized access and exfiltration of sensitive credentials by users who should not have access to them. Since a member-level user with editor rights can bypass ownership checks, they can potentially access confidential information stored in credentials, which can compromise the security of the affected system and any connected systems that rely on those credentials.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by auditing shared workflows for unexpected credential references, especially in instances where workflow sharing is enabled and at least one workflow has been shared with a member-level user as an Editor.

Since the issue involves exploitation of specific public API endpoints to access credentials, monitoring API access logs for unusual or unauthorized credential access attempts by member-level users with editor access can help detect exploitation.

No specific commands are provided in the available resources to detect this vulnerability.

Useful 0 Not Useful 0

Mitigation Strategies

The primary immediate step to mitigate this vulnerability is to upgrade n8n to one of the fixed versions: 1.123.55, 2.25.7, or 2.26.2.

As a temporary mitigation, restrict workflow sharing to trusted users only and audit shared workflows for any unexpected credential references.

Note that temporary mitigations do not fully resolve the risk, so upgrading to a patched version is strongly recommended.

Useful 0 Not Useful 0

Compliance Impact

This vulnerability allows a member-level user with editor access to a shared workflow to access credentials they do not own due to incomplete ownership checks in the n8n platform. Such unauthorized access to sensitive credentials can lead to data breaches or unauthorized data exposure.

Because credentials often contain sensitive personal or protected information, this vulnerability could impact compliance with data protection regulations such as GDPR and HIPAA by potentially exposing confidential data to unauthorized users.

Organizations using affected versions of n8n should upgrade to patched versions immediately to mitigate this risk and maintain compliance with these standards.

Useful 0 Not Useful 0