CNNVD-202506-3355 Information

CNNVD ID

CNNVD-202506-3355

Related CVE

CVE-2025-49592

• CNNVD Published: 2025-06-26

Description (Chinese)

n8n是n8n开源的一个可扩展的工作流自动化工具。 n8n 1.98.0之前版本存在输入验证错误漏洞，该漏洞源于登录流程中存在开放重定向漏洞，可能导致钓鱼攻击。

Description (English)

n8n is an expanded workflow automation tool for n8n open source. The previous version of n8n 1.98.0 had an input validation error loophole, which stemmed from the open re-direction gap in the login process, which could lead to fishing attacks.

Hazard Level

High

Vulnerability Type

输入验证错误

Affected Vendor

n8n

Published

2025-06-26

Last Modified

2026-02-24

References

https://github.com/n8n-io/n8n/pull/16034 https://github.com/n8n-io/n8n/commit/4865d1e360a0fe7b045e295b5e1a29daad12314e https://github.com/n8n-io/n8n/releases/tag/n8n%401.98.0 https://github.com/n8n-io/n8n/security/advisories/GHSA-5vj6-wjr7-5v9f https://nvd.nist.gov/vuln/detail/CVE-2025-49592

Patch

https://github.com/n8n-io/n8n/releases