The vulnerability CVE-2026-33749 in n8n arises from improper neutralization of input during web page generation, classified under CWE-79 (Cross-site Scripting). Specifically, when an authenticated user with permissions to create or modify workflows crafts a workflow that produces an HTML binary data object without specifying a filename, the n8n server’s /rest/binary-data endpoint serves this content inline without the 'Content-Disposition' or 'Content-Security-Policy' HTTP headers. This omission allows the browser to render the HTML content directly with full same-origin JavaScript privileges. An attacker can exploit this by sending the crafted URL to a higher-privileged user, such as an administrator, who when accessing the URL will execute the attacker’s JavaScript in their authenticated session. This can lead to exfiltration of sensitive workflows and credentials, unauthorized modification of workflows, or privilege escalation to admin level. The vulnerability affects n8n versions prior to 1.123.27, 2.13.3, and 2.14.1, including 2.14.0 specifically. The CVSS v4.0 score is 6.3 (medium severity), reflecting network exploitability without authentication but requiring low privileges and user interaction, with limited confidentiality and integrity impact but high scope and availability considerations. No known exploits are currently reported in the wild. The issue has been remediated by adding appropriate security headers and input handling in the fixed versions. Until upgrading, administrators should limit workflow creation and editing permissions to fully trusted users and restrict network access to prevent untrusted users from accessing the vulnerable endpoint. These mitigations reduce exposure but do not fully resolve the risk.

If exploited, this vulnerability allows an attacker with low-level authenticated access to execute arbitrary JavaScript in the context of a higher-privileged user’s session. This can lead to theft of sensitive workflow configurations and credentials, unauthorized changes to workflows, and escalation of privileges to administrative levels. Such impacts can compromise the integrity and confidentiality of automation processes, potentially disrupting business operations that rely on n8n workflows. The ability to escalate privileges and exfiltrate credentials increases the risk of broader network compromise. Since n8n is often deployed in enterprise environments for automating critical workflows, this vulnerability can have significant operational and security consequences. The requirement for authentication and user interaction limits the attack surface but does not eliminate risk, especially in environments with multiple users or where social engineering can be used to trick privileged users into clicking malicious links.

1. Upgrade n8n instances immediately to versions 1.123.27, 2.13.3, 2.14.1, or later to apply the official fix. 2. Restrict workflow creation and editing permissions strictly to fully trusted and vetted users to reduce the risk of malicious workflow injection. 3. Implement network access controls to limit access to the /rest/binary-data endpoint, ensuring only authorized users and systems can reach it. 4. Employ web application firewalls (WAFs) with custom rules to detect and block suspicious requests targeting the binary data endpoint. 5. Educate privileged users about the risk of clicking untrusted URLs, especially those related to the n8n platform. 6. Monitor logs for unusual access patterns or attempts to access binary data URLs. 7. Consider isolating n8n instances in segmented network zones to limit lateral movement if compromise occurs. 8. Regularly audit user permissions and workflow changes to detect unauthorized modifications. These steps provide layered defense beyond patching and help mitigate risk until full remediation is achieved.