PT-2026-28082 · N8N · N8N
Published: 2026-03-25 · Updated: 2026-03-26 · CVE-2026-33722
CVSS v4.0: 7.3 High
Vector: AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H
Name of the Vulnerable Software and Affected Versions
n8n versions prior to 1.123.23
n8n versions prior to 2.6.4
Description
An authenticated user lacking the necessary permissions could access secrets stored in connected vaults by referencing them by name when saving credentials. This bypasses the externalSecret:list permission check. The issue requires an external secrets vault to be configured, and the attacker must know or guess the target secret's name.
Recommendations
Upgrade to n8n version 1.123.23 or later.
Upgrade to n8n version 2.6.4 or later.
Restrict n8n access to fully trusted users only.
Disable external secrets integration until a patch can be applied.
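The description says the credential-save path resolved vault references without applying the externalSecret:list check. The following is an added sketch of a save-time guard for that gap, not n8n's code or its actual fix. Only the scope name comes from this advisory; the `$secrets` reference pattern, the types, the function names and the sample data are assumptions.

```typescript
// Added illustration, not n8n source. Only the scope string is from the advisory.
type User = { id: string; scopes: string[] };
type Decision = { allowed: boolean; blockedFields: string[] };

const REQUIRED_SCOPE = "externalSecret:list";
// Assumption: a vault reference appears as `$secrets` inside a string field.
const SECRET_REF = /\$secrets\b/;

// Walk the credential payload and return the path of every field that
// references an external secret, including nested objects and arrays.
function findSecretRefs(value: unknown, path: string = ""): string[] {
  if (typeof value === "string") {
    return SECRET_REF.test(value) ? [path] : [];
  }
  const hits: string[] = [];
  if (Array.isArray(value)) {
    value.forEach((item, i) => hits.push(...findSecretRefs(item, `${path}[${i}]`)));
  } else if (value !== null && typeof value === "object") {
    const obj = value as Record<string, unknown>;
    for (const key of Object.keys(obj)) {
      hits.push(...findSecretRefs(obj[key], path ? `${path}.${key}` : key));
    }
  }
  return hits;
}

// Deny the save when the payload references a vault secret and the caller
// lacks the scope; payloads without references are unaffected.
function authorizeCredentialSave(user: User, data: unknown): Decision {
  const refs = findSecretRefs(data);
  const hasScope = user.scopes.indexOf(REQUIRED_SCOPE) !== -1;
  if (refs.length > 0 && !hasScope) {
    return { allowed: false, blockedFields: refs };
  }
  return { allowed: true, blockedFields: [] };
}

// Constructed sample users and payload (placeholder vault and secret names).
const MEMBER: User = { id: "u-member", scopes: ["credential:create"] };
const VAULT_USER: User = { id: "u-vault", scopes: ["credential:create", REQUIRED_SCOPE] };
const PAYLOAD = {
  apiKey: "={{ $secrets.exampleVault.exampleName }}",
  headers: [{ value: "static" }, { value: "={{ $secrets.exampleVault.other }}" }],
};

console.log(authorizeCredentialSave(MEMBER, PAYLOAD));
console.log(authorizeCredentialSave(VAULT_USER, PAYLOAD));
```

A string match like this is only a save-time guard. The authoritative check belongs at the point where the reference is resolved against the vault, so that every code path reaching the resolver is covered.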
Exploit
Fix
Incorrect Authorization
Weakness Enumeration
Related Identifiers
Affected Products
N8N