Loading market data...
← Back to CVE feed

CVE-2026-44790

HIGH CVSS 8.8 View on NVD ↗

Description

n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with permission to create or modify workflows could inject CLI flags on the Git node's Push operation allowing an attacker to read arbitrary files from the n8n server potentially leading to full compromise. This vulnerability is fixed in 1.123.43, 2.22.1, and 2.20.7.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

n8n/n8n
Published: Jun 23, 2026 17:16 UTC Modified: Jun 24, 2026 13:54 UTC