CNNVD-202601-1364 Information

CNNVD ID

CNNVD-202601-1364

Related CVE

CVE-2026-21858

• CNNVD Published: 2026-01-08

Description (Chinese)

n8n是n8n开源的一个可扩展的工作流自动化工具。 n8n 1.121.0之前版本存在输入验证错误漏洞，该漏洞源于攻击者可通过执行基于表单的工作流访问底层服务器文件，可能导致敏感信息泄露。

Description (English)

n8n is an expanded workflow automation tool for n8n open source. n8n 1.1.22.0 There is an input validation error gap in the pre-version, which stems from the fact that the assailant can access the bottom server file by executing a form-based workflow, which may lead to the disclosure of sensitive information.

Hazard Level

Low

Vulnerability Type

输入验证错误

Affected Vendor

n8n

Published

2026-01-08

Last Modified

2026-02-24

References

https://github.com/n8n-io/n8n/security/advisories/GHSA-v4pr-fm98-w9pg

Patch

https://github.com/n8n-io/n8n/releases