Authorization Bypass in n8n Workflow Management
CVE-2026-56776

5.3MEDIUM

Key Information:

Vendor

N8n

Status
Vendor
CVE Published:
8 July 2026

What is CVE-2026-56776?

An authorization bypass vulnerability exists in n8n prior to specified versions, allowing unauthorized users to execute workflows through the POST /workflows/{workflowId}/test-runs/new endpoint. By misusing the workflow:read scope instead of the intended workflow:execute permission, authenticated users with read-only access can trigger execution of workflows. This can lead to unintended API calls, data mutations, and various side effects that may compromise the integrity and security of connected systems. This issue is particularly concerning for instances utilizing the Evaluations feature, where project roles permit workflow:read access but fail to enforce workflow:execute permissions effectively.

Affected Version(s)

n8n 0 < 1.123.55

n8n 0 < 2.26.2

n8n 0 < 2.25.7

References

CVSS V4

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

34selen
.