n8n Workflow Automation Tool
85%
Total Score
100
1
100
100
100
| Title | Versions | Severity |
|---|---|---|
CVE-2026-54302 n8n is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in versions 0.0.0 - 1.123.55, 2.26.0 - 2.26.2 and 2.0.0-rc.0 - 2.25.7. | 0.0.0 - 1.123.552.0.0-rc.0 - 2.25.72.26.0 - 2.26.2 | High |
CVE-2026-54303 n8n is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in versions 0.0.0 - 2.24.0. | 0.0.0 - 2.24.0 | High |
CVE-2026-54312 n8n is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in versions 0.0.0 - 2.24.0. | 0.0.0 - 2.24.0 | High |
CVE-2026-54304 n8n is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor in versions 0.0.0 - 1.123.55, 2.26.0 - 2.26.1 and 2.0.0-rc.0 - 2.25.7. | 0.0.0 - 1.123.552.0.0-rc.0 - 2.25.72.26.0 - 2.26.1 | High |
CVE-2026-54309 n8n is vulnerable to Missing Authentication for Critical Function in versions 2.26.0 - 2.26.2 and 0.0.0 - 2.25.7. | 0.0.0 - 2.25.72.26.0 - 2.26.2 | Critical |
| Dependency | Last Release | Score |
|---|---|---|
ms Version 2.1.3 | — | — |
pg Version 8.17.0 | — | — |
ws Version 8.20.1 | — | — |
psl Version 1.9.0 | — | — |
tar Version ^7.5.16 | — | — |
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant