CVE-2026-54307: CWE-863: Incorrect Authorization in n8n-io n8n
n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, a member-level user with editor access to a shared workflow could reference credentials they do not own via specific public API endpoints. Credential ownership checks were only partially enforced, leading to cross-user credential access. This issue affects instances where workflow sharing is enabled and at least one workflow has been shared with a member-level user as an Editor. This vulnerability is fixed in 1.123.55, 2.25.7, and 2.26.2.
AI Analysis
Technical Summary
CVE-2026-54307 is an authorization bypass vulnerability in the n8n workflow automation platform. Specifically, member-level users granted editor access to shared workflows could exploit incomplete credential ownership verification in public API endpoints to access credentials owned by other users. This issue arises only when workflow sharing is enabled and at least one workflow is shared with an editor-level member. The vulnerability affects versions prior to 1.123.55, 2.25.7, and 2.26.2, where it has been fixed.
Potential Impact
An attacker with member-level editor access to a shared workflow can access credentials belonging to other users, potentially exposing sensitive authentication data. This could lead to unauthorized use of those credentials within the platform, increasing the risk of privilege escalation or data compromise within affected n8n instances.
Mitigation Recommendations
Upgrade n8n to version 1.123.55, 2.25.7, or 2.26.2 or later, where this authorization issue has been fixed. Applying the official update is the recommended remediation; the vendor advisory confirms the fix in these versions.
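A triage check for the upgrade guidance above, added here as an example (not code from n8n or from this page's publisher): it classifies each instance by release line and by the two exposure conditions in the description. The inventory field names, the mapping of 2.0 through 2.25 to the 2.25.7 fix, and the treatment of releases after the 2.26 line as fixed are assumptions.

```python
import re

# Fixed releases from the advisory. Assumption: 1.x is fixed at 1.123.55,
# 2.0 through 2.25 at 2.25.7, and the 2.26 line at 2.26.2.
FIXED_1X, FIXED_2_25, FIXED_2_26 = (1, 123, 55), (2, 25, 7), (2, 26, 2)


def parse_version(text):
    """Parse 'MAJOR.MINOR.PATCH' with an optional leading 'v'."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:  # tags such as 'latest' or pre-releases need manual review
        raise ValueError(f"unrecognised n8n version: {text!r}")
    return tuple(int(p) for p in m.groups())


def is_vulnerable_version(text):
    """True if the version predates the fix for its release line."""
    v = parse_version(text)
    if v[0] < 2:
        return v < FIXED_1X
    if v[:2] <= (2, 25):
        return v < FIXED_2_25
    if v[:2] == (2, 26):
        return v < FIXED_2_26
    return False  # assumption: releases after the 2.26 line carry the fix


def triage(instance):
    """Classify one inventory record against the advisory's conditions."""
    if not is_vulnerable_version(instance["version"]):
        return "patched"
    # Exposure needs sharing enabled AND a workflow shared with a member as Editor.
    exposed = instance["sharing_enabled"] and instance["editor_member_shares"] > 0
    return "vulnerable-exposed" if exposed else "vulnerable-not-exposed"


# Constructed inventory; field names are hypothetical, not n8n's data model.
INVENTORY = [
    {"name": "prod", "version": "1.123.54", "sharing_enabled": True, "editor_member_shares": 3},
    {"name": "staging", "version": "2.25.7", "sharing_enabled": True, "editor_member_shares": 1},
    {"name": "lab", "version": "2.0.0", "sharing_enabled": False, "editor_member_shares": 0},
    {"name": "edge", "version": "2.26.1", "sharing_enabled": True, "editor_member_shares": 0},
]

if __name__ == "__main__":
    for inst in INVENTORY:
        print(inst["name"], inst["version"], triage(inst))
```

Instances classed `vulnerable-not-exposed` still need the upgrade; the label only orders the work.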
CVSS v4.0
Score: 8.5 (High)
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-06-12T18:42:02.222Z
- Cvss Version: 4.0
- State: PUBLISHED
- Remediation Level: null
Threat ID: 6a3ab6daeed863c81e4f9f16
Added to database: 06/23/2026, 16:39:54 UTC
Last enriched: 06/23/2026, 16:54:31 UTC
Last updated: 06/23/2026, 17:39:59 UTC