Critical n8n Vulnerabilities Expose Automation Nodes to Full RCE

In Cybersecurity News - Original News Source is cybersecuritynews.com by Blog Writer

A fresh set of critical vulnerabilities in the popular workflow automation platform n8n is raising serious security concerns, as researchers warn that attackers could chain multiple flaws to achieve full remote code execution (RCE) on affected systems.

The vulnerabilities, disclosed via GitHub Security Advisories and tracked as CVE-2026-44789, CVE-2026-44790, and CVE-2026-44791, impact multiple core nodes within n8n, including HTTP Request, Git, and XML nodes.

All issues carry a critical severity rating, with CVSS scores indicating high impact across confidentiality, integrity, and availability.

Security researcher Jubke published the advisories on GitHub, highlighting how low-privileged authenticated users with workflow editing permissions can exploit these flaws to compromise entire n8n instances.

n8n Vulnerabilities

Prototype Pollution Leads to RCE

The most severe issue (CVE-2026-44789) affects the HTTP Request node, where improper validation of pagination parameters allows attackers to trigger prototype pollution.

This vulnerability falls under CWE-1321 and enables manipulation of JavaScript object prototypes at a global level.

In practical terms, an attacker can inject malicious properties into application objects, which can later be leveraged alongside other techniques to execute arbitrary code on the host system.

Because n8n workflows often integrate with external APIs and internal systems, this flaw significantly expands the attack surface, especially in automation-heavy environments.

Git Node Enables Arbitrary File Read

A second critical flaw, tracked as CVE-2026-44790, affects the Git node and could let attackers inject malicious CLI flags during Git push operations to read arbitrary files on the server.

Classified under CWE-88 (argument injection), this issue allows attackers to access sensitive files, including configuration data, credentials, and environment variables.

In many cases, such access can directly lead to full system compromise.

XML Node Patch Bypass Reopens Risk

The third vulnerability (CVE-2026-44791) involves a patch bypass in the XML node. Despite a previous fix for a related issue, attackers can still exploit prototype pollution through alternate paths.

When chained with other vulnerable nodes, this flaw can also lead to remote code execution, effectively nullifying earlier security fixes and exposing systems that were assumed to be protected.

Affected Versions and Fixes

All three vulnerabilities affect n8n versions below 1.123.43, 2.20.7, and 2.22.1, and have been patched in versions 1.123.43, 2.20.7, 2.22.1, and later.

Users are strongly advised to upgrade immediately, as no complete workaround exists.

For organizations unable to patch immediately, researchers recommend limiting workflow creation and editing permissions to trusted users only.

Administrators can also turn off vulnerable nodes using the NODES_EXCLUDE environment variable:

  • Disable HTTP Request node: n8n-nodes-base.httpRequest
  • Disable Git node: n8n-nodes-base.git
  • Disable XML node: n8n-nodes-base.xml

However, these measures are only temporary and do not fully eliminate the risk.
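
The upgrade and NODES_EXCLUDE guidance above, as an added example (not code from n8n or from the advisories): a Node.js check that reports whether a version is at or past a patched release and which of the three node types are still loadable. The function names and the branch-matching rule in `isPatched` are assumptions.

```javascript
// Added example: exposure check for the three n8n advisories described above.
const FIXED = ['1.123.43', '2.20.7', '2.22.1']; // patched releases named in the article
const AFFECTED_NODES = [
  'n8n-nodes-base.httpRequest', // CVE-2026-44789
  'n8n-nodes-base.git',         // CVE-2026-44790
  'n8n-nodes-base.xml',         // CVE-2026-44791
];

function parse(version) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)$/.exec(String(version).trim());
  if (!m) throw new Error(`unparseable version: ${version}`);
  return m.slice(1).map(Number);
}
const cmp = (a, b) => a[0] - b[0] || a[1] - b[1] || a[2] - b[2];

// Assumption: a fix covers its own major.minor line, and the newest fix within
// a major also covers later minors. Anything else (e.g. 2.21.x) is reported as
// unpatched, which errs on the side of upgrading.
function isPatched(version) {
  const v = parse(version);
  const fixes = FIXED.map(parse).sort(cmp);
  if (cmp(v, fixes[fixes.length - 1]) >= 0) return true;
  return fixes.some((f) => {
    if (f[0] !== v[0] || cmp(v, f) < 0) return false;
    const newestInMajor = !fixes.some((g) => g[0] === f[0] && cmp(g, f) > 0);
    return f[1] === v[1] || newestInMajor;
  });
}

// n8n reads NODES_EXCLUDE as a JSON array of node type names.
// A missing or malformed value is treated as "nothing excluded".
function missingExclusions(nodesExclude) {
  let excluded = [];
  try {
    const parsed = JSON.parse(nodesExclude || '[]');
    if (Array.isArray(parsed)) excluded = parsed;
  } catch { /* malformed JSON: fall through with an empty list */ }
  return AFFECTED_NODES.filter((name) => !excluded.includes(name));
}

function assess(version, nodesExclude) {
  if (isPatched(version)) return { patched: true, missing: [], action: 'none' };
  const missing = missingExclusions(nodesExclude);
  const action = missing.length ? 'upgrade; until then add to NODES_EXCLUDE' : 'upgrade';
  return { patched: false, missing, action };
}

// Constructed sample: an unpatched instance that only excludes the Git node.
console.log(assess('2.20.6', '["n8n-nodes-base.git"]'));
```
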

These vulnerabilities highlight a broader security challenge in automation platforms like n8n, where interconnected nodes and extensible workflows can unintentionally amplify the impact of individual flaws.

With low-privileged access sufficient to trigger exploitation, organizations relying on n8n for critical automation should treat this disclosure as a high priority and ensure immediate remediation.

Failure to act could allow attackers to move from simple workflow access to full system control within minutes.
