In the world of rapid development, n8n has become a favorite for technical teams looking to merge the flexibility of custom code with the speed of no-code automation. With over 400 integrations and native AI capabilities, it is a powerhouse for building complex workflows while keeping data under local control. However, two recently discovered vulnerabilities have highlighted a critical risk: when the very tools meant to simplify our work become a doorway for attackers.
Both flaws center on Prototype Pollution, a sophisticated JavaScript attack that can lead to the ultimate nightmare for any system administrator—Remote Code Execution (RCE).
The first vulnerability, carrying a “Critical” CVSS score of 9.4, targets the way n8n handles XML data within its workflows. If an authenticated user has the permissions to create or modify a workflow, they can craft a malicious XML payload that triggers global prototype pollution.
By “polluting” the base JavaScript object prototype, the attacker can change the behavior of the entire application. When combined with other nodes that interact with these polluted objects, the attacker can execute arbitrary code on the server.
Even more severe is a second flaw, which has earned the highest possible risk rating: a CVSS score of 10. This vulnerability lies within the xml2js library used by n8n to parse XML request bodies in its webhook handler.
In this scenario, the stakes are even higher. An attacker with workflow permissions can use a crafted XML payload to pollute the object prototype. The real danger comes from exploit chaining: by combining this pollution with the Git node’s SSH operations, the attacker can achieve full RCE on the host machine.
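To make the mechanism concrete, the added example below (not code from n8n or xml2js) models a parser that merges parsed element names into object keys, which is how an element named `__proto__` ends up writing to `Object.prototype`, and shows a hardened builder beside a canary check a defender can run at startup or in tests. The `[name, text | children]` tree format is an assumption standing in for a real parser's output.

```javascript
// Added example (not n8n's or xml2js's code): a simplified model of a parser that
// merges parsed element names into object keys, which is how an element named
// "__proto__" reaches Object.prototype, beside a hardened builder and a canary
// a defender can run at startup or in tests to detect that the prototype was touched.

const UNSAFE_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

// Constructed stand-in for a parsed element tree: [name, text | children].
// It models a document whose top-level element is named "__proto__".
const CONSTRUCTED_TREE = [['__proto__', [['polluted', 'yes']]]];
const CONSTRUCTED_BENIGN = [['order', [['id', '42']]]];

// Naive merge: reuses an existing child, so out["__proto__"] resolves to
// Object.prototype and the nested assignment lands on every object in the process.
function buildNaive(pairs, out = {}) {
  for (const [name, value] of pairs) {
    if (Array.isArray(value)) {
      if (out[name] === undefined) out[name] = {};
      buildNaive(value, out[name]);
    } else {
      out[name] = value;
    }
  }
  return out;
}

// Hardened merge: null-prototype containers, own-property checks only, and a
// rejection (not a silent skip) of the keys that can reach a prototype.
function buildSafe(pairs, out = Object.create(null)) {
  for (const [name, value] of pairs) {
    if (UNSAFE_KEYS.has(name)) throw new Error(`rejected element name: ${name}`);
    if (Array.isArray(value)) {
      if (!Object.prototype.hasOwnProperty.call(out, name)) out[name] = Object.create(null);
      buildSafe(value, out[name]);
    } else {
      out[name] = value;
    }
  }
  return out;
}

// Canary: a fresh {} must enumerate nothing. Any key listed came from the prototype.
function pollutedKeys() {
  const keys = [];
  for (const k in {}) keys.push(k);
  return keys;
}
```

The canary is cheap enough to run in a health check; a non-empty result means some code path in the process has already written through to the shared prototype.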
The n8n team has moved quickly to address these threats. Fixes for both vulnerabilities have been rolled out in the following versions:
All users are strongly urged to upgrade to these versions immediately to fully remediate the risk.
If you cannot upgrade your instance immediately, apply these short-term mitigations to reduce the attack surface:
- Restrict Permissions: Strictly limit workflow creation and editing to fully trusted users only.
- Exclude the XML Node: You can disable the vulnerable node by adding n8n-nodes-base.xml to your NODES_EXCLUDE environment variable.
Update:
The first flaw is now tracked as CVE-2026-42232 and the second flaw as CVE-2026-42231.