Multi-Tenant Configuration Vulnerability in n8n-MCP Server by n8n
CVE-2026-45707

8.1 HIGH

Key Information:

CVE Published: 29 May 2026

What is CVE-2026-45707?

The n8n-MCP server, which facilitates AI agents' access to n8n node documentation, is susceptible to a multi-tenant configuration issue. Prior to version 2.51.2, with ENABLE_MULTI_TENANT set to true, a request from an authenticated tenant that lacked the necessary x-n8n-url or x-n8n-key headers defaulted to the operator's instance credentials, so the tenant inadvertently interacted with the operator's n8n instance instead of its own. In HTTP-mode deployments this behavior may lead to unauthorized management operations against shared resources, posing significant risks for organizations relying on multi-tenant services.
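
The fallback described above, modeled next to a fail-closed resolver. This is an added example, not n8n-mcp source code: the function names, the OPERATOR object and the sample requests are hypothetical, and only ENABLE_MULTI_TENANT, x-n8n-url and x-n8n-key come from the advisory.

```javascript
// Added illustration, not n8n-mcp source. Function names and OPERATOR are hypothetical.
const OPERATOR = { url: "https://operator.internal.example", key: "OPERATOR-KEY" }; // constructed

// Treat absent, non-string, or whitespace-only header values as missing.
function headerValue(headers, name) {
  const v = headers[name];
  return typeof v === "string" && v.trim() !== "" ? v.trim() : null;
}

// Pattern the advisory describes: a tenant request missing either header
// silently resolves to the operator's instance credentials.
function resolveWithFallback(headers) {
  const url = headerValue(headers, "x-n8n-url");
  const key = headerValue(headers, "x-n8n-key");
  return url && key ? { url, key, source: "tenant" } : { ...OPERATOR, source: "operator" };
}

// Fail-closed variant: with ENABLE_MULTI_TENANT=true both headers are mandatory
// and the operator credentials are never consulted.
function resolveFailClosed(headers, env) {
  if (env.ENABLE_MULTI_TENANT !== "true") return { ...OPERATOR, source: "operator" };
  const url = headerValue(headers, "x-n8n-url");
  const key = headerValue(headers, "x-n8n-key");
  if (!url || !key) {
    const err = new Error("multi-tenant mode requires x-n8n-url and x-n8n-key");
    err.statusCode = 400;
    throw err;
  }
  return { url, key, source: "tenant" };
}

// Constructed sample requests (header names lower-cased, as Node.js delivers them).
const SAMPLES = [
  { "x-n8n-url": "https://tenant-a.example", "x-n8n-key": "TENANT-A-KEY" },
  { "x-n8n-url": "https://tenant-a.example" }, // key header missing
  { "x-n8n-key": "   " },                      // url missing, key blank
  {},                                          // both missing
];

// Returns, per sample, which credentials each resolver would use.
function compare(env = { ENABLE_MULTI_TENANT: "true" }) {
  return SAMPLES.map((h) => {
    let hardened;
    try { hardened = resolveFailClosed(h, env).source; }
    catch (e) { hardened = `rejected:${e.statusCode}`; }
    return { fallback: resolveWithFallback(h).source, hardened };
  });
}

console.log(compare());
```

For deployments that cannot upgrade immediately, the same comparison suggests what to look for in access logs: multi-tenant requests that arrived without both headers yet were served rather than rejected.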

Affected Version(s)

n8n-mcp < 2.51.2

CVSS V3.1

Score: 8.1
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
