CVE-2026-59209
Received
Received - Intake
Information Disclosure in n8n Workflow Automation
Vulnerability report for CVE-2026-59209, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-07-09
Last updated on: 2026-07-09
Assigner: GitHub, Inc.
Description
Description
n8n is an open source workflow automation platform. Prior to 1.123.61, 2.27.4, and, 2.28.1, an authenticated member with use-only editor access to a shared workflow could read credential-populated headers exposed via the $request object inside an HTTP Request node's pagination expression and exfiltrate the secret through item data. This issue is fixed in versions 1.123.61, 2.27.4, and 2.28.1.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| n8n-io | n8n | 1.123.61 |
| n8n-io | n8n | 2.27.4 |
| n8n-io | n8n | 2.28.1 |
| n8n-io | n8n | to 1.123.61 (exc) |
| n8n-io | n8n | to 2.27.4 (exc) |
| n8n-io | n8n | to 2.28.1 (exc) |
| n8n | n8n | to 1.123.61 (inc) |
| n8n | n8n | to 2.27.4 (inc) |
| n8n | n8n | to 2.28.1 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
| CWE-522 | The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. |