CVE-2026-56353
Received Received - Intake

Authentication Bypass in n8n Chat Trigger Node

Vulnerability report for CVE-2026-56353, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-15

Last updated on: 2026-07-15

Assigner: VulnCheck

Description

n8n contains an authentication bypass in the Chat Trigger node when configured with n8n User Auth (a non-default configuration). In affected releases β€” before 1.123.22, the 2.0.0 through 2.9.2 line, and 2.10.0 β€” the authentication check on the Chat Trigger webhook endpoint can be circumvented, allowing access without valid credentials. Fixed in 1.123.22, 2.9.3, and 2.10.1.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-15
Last Modified
2026-07-15
Generated
2026-07-15
AI Q&A
2026-07-15
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 5 associated CPEs
Vendor Product Version / Range
n8n n8n From 2.0.0 (inc) to 2.9.3 (exc)
n8n n8n From 2.10.0 (inc) to 2.10.1 (exc)
n8n n8n to 1.123.22 (exc)
n8n n8n From 2.0.0 (inc) to 2.9.2 (inc)
n8n n8n to 2.10.0 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-287 When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is an authentication bypass in the Chat Trigger node of n8n software. It affects versions before 1.123.22, between 2.0.0 and 2.9.2, and version 2.10.0 when configured with n8n User Auth, which is not the default setting. Attackers can bypass authentication checks on the Chat Trigger webhook endpoint to gain unauthorized access without valid credentials.

Impact Analysis

This vulnerability allows attackers to access the Chat Trigger webhook endpoint without proper authentication. This could lead to unauthorized workflow execution, data exfiltration, or system compromise depending on the workflow permissions and configuration. Exploitation requires network access but no user interaction or privileges.

Compliance Impact

This vulnerability could impact compliance by allowing unauthorized access to sensitive data processed by n8n workflows. GDPR requires protection of personal data, and HIPAA requires safeguards for protected health information. A breach could result in non-compliance, potential fines, and reputational damage.

Detection Guidance

Check if your n8n instance is running a vulnerable version (<1.123.22, 2.0.0-2.9.2, or 2.10.0) by running: n8n --version. Inspect Chat Trigger nodes in workflows for non-default n8n User Auth configuration. Monitor webhook endpoints for unauthorized access attempts or unusual activity.

Mitigation Strategies

Upgrade n8n to patched versions (1.123.22, 2.9.3, or 2.10.1) immediately. If upgrading is not possible, disable Chat Trigger nodes with n8n User Auth or restrict webhook access to trusted IPs. Review and audit workflow permissions to limit exposure.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-56353. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart