Disk Space Exhaustion Vulnerability in n8n by n8n.io
CVE-2026-58661
5.3MEDIUM
What is CVE-2026-58661?
A disk space exhaustion vulnerability exists in n8n's data-table file upload endpoint. The implementation allows authenticated users to bypass quota checks for files already written to a shared temporary directory. As a result, users can continuously upload files, leading to the accumulation of data that fills the available disk space until a cleanup process occurs. This vulnerability can significantly impact system performance and may lead to application downtime.
Affected Version(s)
n8n 0 < 2.28.0
n8n 0 < 1.123.58
n8n 2.28.0
