Loading market data...
← Back to CVE feed

CVE-2026-56350

MEDIUM CVSS 6.3 View on NVD ↗

Description

n8n before 2.8.0 contains an authentication bypass vulnerability allowing authenticated SSO users to disable SSO enforcement through the API. Attackers can create local password credentials to authenticate directly, bypassing organizational SSO policies and identity-provider-enforced multi-factor authentication.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N
Published: Jun 30, 2026 23:17 UTC Modified: Jul 01, 2026 18:27 UTC