Permission Bypass Vulnerability in n8n by n8n-io
CVE-2026-59259
What is CVE-2026-59259?
n8n prior to versions 1.123.61, 2.27.4, and 2.28.1 contains a permission bypass vulnerability in its external secrets handling. This flaw arises from a discrepancy between static validation checks and the dynamic runtime expression engine. Authenticated users who can create or update credentials but lack the 'externalSecret:list' scope may exploit this vulnerability to embed external secret references within credential forms. These references are not detected during the static validation phase and become resolved at workflow execution, thereby disclosing secret values the user should not have access to. This issue is particularly pertinent in configurations utilizing external secrets providers and Advanced Permissions.
Affected Version(s)
n8n 0 < 1.123.61
n8n 0 < 2.28.1
n8n 0 < 2.27.4
