ГлавнаяУязвимости → CVE-2026-25056
8.8высокая

CVE-2026-25056

→ есть в БДУ: BDU:2026-02171 (на русском)
Описание (на английском; русское — в БДУ выше)

n8n is an open source workflow automation platform. Prior to versions 1.118.0 and 2.4.0, a vulnerability in the Merge node's SQL Query mode allowed authenticated users with permission to create or modify workflows to write arbitrary files to the n8n server's filesystem potentially leading to remote code execution. This issue has been patched in versions 1.118.0 and 2.4.0.

Затрагиваемое ПО
N8n N8n
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/n8n-io/n8n/security/advisories/GHSA-hv53-3329-vmrm