Authenticated Server-Side Request Forgery in n8n-MCP by czlonkowski
CVE-2026-44694

7.2 HIGH

Key Information:

CVE Published: 8 May 2026

What is CVE-2026-44694?

The n8n-MCP server, which gives AI assistants access to n8n node documentation, is vulnerable to authenticated server-side request forgery (SSRF). The vulnerability affects the webhook trigger tools and the n8n API client (N8N_API_URL) settings, specifically in multi-tenant HTTP mode via URLs passed through the x-n8n-url header. Affected versions are n8n-MCP from 2.18.7 up to, but not including, 2.50.2. Users should upgrade to version 2.50.2 or later to mitigate this risk.

Affected Version(s)

n8n-mcp >= 2.18.7, < 2.50.2

CVSS V4

Score: 7.2
Severity: HIGH
Confidentiality: High
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: High
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved
