Input Validation Flaw in n8n Workflow Automation by n8n.io
CVE-2026-56349

6.3MEDIUM

Key Information:

Vendor

N8n

Status
Vendor
CVE Published:
15 July 2026

What is CVE-2026-56349?

In n8n versions prior to 2.10.0, an input validation flaw in the Guardrail node permits attackers to craft specially designed inputs that bypass default guardrail restrictions. This vulnerability enables malicious users to circumvent essential guardrail protections, potentially compromising the integrity of automated workflows. Proper validation and robust security measures are essential to mitigate risks associated with this issue.

Affected Version(s)

n8n 0 < 2.10.0

n8n 2.10.0

References

CVSS V4

Score:
6.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

akirilov
.