Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit 48384e243a90 · 2026-02-26T22:47:12.000Z
GHSA-fvfv-ppw4-7h2w GHSA-jh8h-6c9q-7gmw GHSA-vjf3-2gpj-233v
diff --git a/advisories/github-reviewed/2026/02/GHSA-fvfv-ppw4-7h2w/GHSA-fvfv-ppw4-7h2w.json b/advisories/github-reviewed/2026/02/GHSA-fvfv-ppw4-7h2w/GHSA-fvfv-ppw4-7h2w.json
@@ -0,0 +1,68 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-fvfv-ppw4-7h2w",
+  "modified": "2026-02-26T22:46:43Z",
+  "published": "2026-02-26T22:46:42Z",
+  "aliases": [],
+  "summary": "n8n has a Guardrail Node Bypass",
+  "details": "## Impact\nAn end user interacting with a workflow that uses the Guardrail node could craft an input that bypasses the default guardrail instructions.\n\n## Patches\nThe issue has been fixed in n8n version 2.10.0. Users should upgrade to this version or later to remediate the vulnerability.\n\n## Workarounds\nIf upgrading is not immediately possible, administrators should consider the following temporary mitigations:\n- Limit access to trusted users.\n- Review asses the practical impact of guardrail bypasses in your usecase and adjust your workflow accordingly.\n\nThese workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "n8n"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "2.10.0"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-fvfv-ppw4-7h2w"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/n8n-io/n8n/commit/8d0251d1deef256fd3d9176f05dedab62afde918"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/n8n-io/n8n"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/n8n-io/n8n/releases/tag/n8n@2.10.0"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-20",
+      "CWE-693"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-02-26T22:46:42Z",
+    "nvd_published_at": null
+  }
+}
diff --git a/advisories/github-reviewed/2026/02/GHSA-jh8h-6c9q-7gmw/GHSA-jh8h-6c9q-7gmw.json b/advisories/github-reviewed/2026/02/GHSA-jh8h-6c9q-7gmw/GHSA-jh8h-6c9q-7gmw.json
@@ -0,0 +1,109 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-jh8h-6c9q-7gmw",
+  "modified": "2026-02-26T22:45:41Z",
+  "published": "2026-02-26T22:45:41Z",
+  "aliases": [],
+  "summary": "n8n has an Authentication Bypass in its Chat Trigger Node",
+  "details": "## Impact\nWhen the Chat Trigger node is configured with n8n User Auth authentication, the authentication check could be circumvented. \n- This issue requires the Chat Trigger node to be configured with n8n User Auth authentication (non-default).\n\n## Patches\nThe issue has been fixed in n8n versions 2.10.1, 2.9.3, and 1.123.22. Users should upgrade to one of these versions or later to remediate the vulnerability.\n\n## Workarounds\nIf upgrading is not immediately possible, administrators should consider the following temporary mitigations:\n- Limit workflow creation and editing permissions to fully trusted users only.\n- Use a different authentication method for the Chat Trigger node, or restrict network access to the webhook endpoint to trusted origins.\n\nThese workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "n8n"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "1.123.22"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "n8n"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "2.0.0"
+            },
+            {
+              "fixed": "2.9.3"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "n8n"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "2.10.0"
+            },
+            {
+              "fixed": "2.10.1"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-jh8h-6c9q-7gmw"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/n8n-io/n8n/commit/062644ef786b6af480afe4a0f12bc6d70040534a"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/n8n-io/n8n/commit/1479aab2d32fe0ee087f82b9038b1035c98be2f6"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/n8n-io/n8n/commit/9e5212ecbc5d2d4e6f340b636a5e84be6369882e"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/n8n-io/n8n"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-287"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-02-26T22:45:41Z",
+    "nvd_published_at": null
+  }
+}
diff --git a/advisories/github-reviewed/2026/02/GHSA-vjf3-2gpj-233v/GHSA-vjf3-2gpj-233v.json b/advisories/github-reviewed/2026/02/GHSA-vjf3-2gpj-233v/GHSA-vjf3-2gpj-233v.json
@@ -0,0 +1,69 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-vjf3-2gpj-233v",
+  "modified": "2026-02-26T22:45:14Z",
+  "published": "2026-02-26T22:45:13Z",
+  "aliases": [],
+  "summary": "n8n has an SSO Enforcement Bypass in its Self-Service Settings API",
+  "details": "## Impact\nAn authenticated user signed in through Single Sign-On (SSO) could disable SSO enforcement for their own account through the n8n API. This allowed the user to create a local password and authenticate directly with email and password, completely bypassing the organization's SSO policy, centralized identity management, and any identity-provider-enforced multi-factor authentication.\n\n## Patches\nThe issue has been fixed in n8n version 2.8.0. Users should upgrade to this version or later to remediate the vulnerability.\n\n## Workarounds\nIf upgrading is not immediately possible, administrators should consider the following temporary mitigations:\n- Monitor audit logs for users who create local credentials after authenticating via SSO.\n- Restrict the n8n instance to fully trusted users only.\n\nThese workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "n8n"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "2.8.0"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/n8n-io/n8n/security/advisories/GHSA-vjf3-2gpj-233v"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/n8n-io/n8n/commit/a70b2ea379086da3de103bb84811e88cadf29976"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/n8n-io/n8n"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/n8n-io/n8n/releases/tag/n8n@2.8.0"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-269",
+      "CWE-284",
+      "CWE-287"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": true,
+    "github_reviewed_at": "2026-02-26T22:45:13Z",
+    "nvd_published_at": null
+  }
+}
