CNNVD-202602-616 Information

CNNVD ID

CNNVD-202602-616

Related CVE

CVE-2026-25052

• CNNVD Published: 2026-02-04

Description (Chinese)

n8n是n8n开源的一个可扩展的工作流自动化工具。 n8n 1.123.18之前版本和2.5.0之前版本存在安全漏洞，该漏洞源于文件访问控制不当，可能导致读取敏感文件、凭据泄露和账户接管。

Description (English)

n8n is an expanded workflow automation tool for n8n open source. n8n 1.123.18 There is a security loophole in pre- and pre-2.5.0 versions, which arises from inadequate document access controls, which may lead to access to sensitive documents, leaks of evidence and account takeovers.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

n8n

Published

2026-02-04

Last Modified

2026-02-24

References

https://github.com/n8n-io/n8n/security/advisories/GHSA-gfvg-qv54-r4pc https://access.redhat.com/security/cve/cve-2026-25052

Patch

https://github.com/n8n-io/n8n/releases