SQL Query Sandbox Vulnerability in n8n Workflow Automation Platform
CVE-2026-54311

6 MEDIUM

Key Information:

Vendor: N8n-io

Status
Vendor
CVE Published: 23 June 2026

What is CVE-2026-54311?

In the n8n open source workflow automation platform, a vulnerability exists in the Merge node's SQL Query mode prior to versions 2.25.7 and 2.26.2. Authenticated users authorized to create or modify workflows could exploit this vulnerability by polluting the sandbox context. This context is cached and reused across workflows, allowing prototype mutations made by one user to affect other users' executions. Consequently, a low-privileged attacker could intercept sensitive workflow data from other users operating within the same instance. This issue specifically impacts multi-user configurations, emphasizing the need for prompt updates to maintain workflow integrity and security.
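
The description above attributes the leak to a sandbox context that is cached and reused across workflows. The following added example (not n8n's code and not taken from the advisory) uses Node's built-in `vm` module as a stand-in sandbox to show why a reused context carries a prototype change from one execution into the next, and how a per-execution context or frozen built-ins prevents that. The function names and the `__marker` property are constructed for illustration.

```javascript
// Added illustration: Node's built-in vm module stands in for a query sandbox.
const vm = require('node:vm');

// Constructed snippets: run A changes a built-in prototype inside the sandbox,
// run B is an unrelated execution that only reads from a new object.
const RUN_A = 'Object.prototype.__marker = "set-by-run-A"; "done"';
const RUN_B = '({}).__marker';
const OPTS = { timeout: 100 };

// Weak pattern: one context is created once and reused for every execution.
let cachedContext = null;
function runWithCachedContext(code) {
  if (!cachedContext) cachedContext = vm.createContext({});
  return vm.runInContext(code, cachedContext, OPTS);
}

// Corrected pattern: each execution gets a new context, and with it a new
// set of built-in prototypes that no earlier execution has touched.
function runWithFreshContext(code) {
  return vm.runInContext(code, vm.createContext({}), OPTS);
}

// Defense in depth when a context must be reused: freeze the built-in
// prototypes before any untrusted code runs (only the four listed here).
let frozenContext = null;
function runWithFrozenCachedContext(code) {
  if (!frozenContext) {
    frozenContext = vm.createContext({});
    vm.runInContext(
      'for (const c of [Object, Array, Function, String]) Object.freeze(c.prototype);',
      frozenContext, OPTS);
  }
  return vm.runInContext(code, frozenContext, OPTS);
}

function demo() {
  runWithCachedContext(RUN_A);
  const leaked = runWithCachedContext(RUN_B);
  runWithFreshContext(RUN_A);
  const isolated = runWithFreshContext(RUN_B);
  runWithFrozenCachedContext(RUN_A);
  const frozen = runWithFrozenCachedContext(RUN_B);
  return { leaked, isolated, frozen, host: ({}).__marker };
}

console.log(demo());
```

Node's documentation states that `vm` is not a security mechanism; it is used here only to make the context-reuse effect visible.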

Affected Version(s)

n8n >= 2.26.0, < 2.26.2

n8n < 2.25.7

CVSS V4

Score: 6
Severity: MEDIUM
Confidentiality: High
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: High
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved