PT-2026-28090 · N8N · N8N
Published: 2026-03-25 · Updated: 2026-03-26 · CVE-2026-33749
CVSS v3.1: 9.0 (Critical)
Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
n8n versions prior to 1.123.27
n8n versions prior to 2.13.3
n8n versions prior to 2.14.1

Description
n8n is a workflow automation platform. An authenticated user with appropriate permissions could create a workflow that generates HTML binary data without a filename. The /rest/binary-data endpoint serves these responses inline without the necessary Content-Disposition or Content-Security-Policy headers. This allows the HTML to render in the browser with full same-origin JavaScript access. An attacker could send the resulting URL to a higher-privileged user, potentially executing JavaScript in the victim's session, leading to workflow and credential exfiltration, workflow modification, or privilege escalation to administrator level. The issue involves the exploitation of the /rest/binary-data endpoint and the manipulation of binary data objects. The username and password of authenticated users could be compromised.

Recommendations
Upgrade to n8n version 1.123.27 or later.
Upgrade to n8n version 2.13.3 or later.
Upgrade to n8n version 2.14.1 or later.
If upgrading is not immediately possible, limit workflow creation and editing permissions to fully trusted users only.
If upgrading is not immediately possible, restrict network access to the n8n instance.
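As an added illustration of the two missing protections named in the description (this is example code, not n8n's own; the header policy, the fallback filename and the audit function are assumptions), the following JavaScript shows how a binary-data download endpoint can force a download and sandbox the body even when the stored object has no filename, next to a check that flags a header set that would let an HTML body render inline with same-origin access:

```javascript
// Added example, not n8n's code: response-header policy for user-generated
// binary data, plus an audit that flags headers allowing inline HTML rendering.

// Content types a browser will execute or render actively when shown inline.
const ACTIVE_CONTENT = /^(text\/html|application\/xhtml\+xml|image\/svg\+xml|text\/xml|application\/xml)\b/i;

// Reduce an untrusted filename to a safe token for a Content-Disposition header.
function sanitizeFilename(name) {
  return String(name ?? '')
    .replace(/[^\w.-]/g, '_') // drop quotes, slashes, control and non-ASCII characters
    .replace(/^\.+/, '')      // no leading dots (hidden / relative names)
    .slice(0, 255);
}

// Headers for serving one binary-data object. `mimeType` and `fileName` are the
// (untrusted) metadata of the object; a missing filename must NOT weaken the policy.
function binaryDataHeaders(mimeType, fileName) {
  const safeName = sanitizeFilename(fileName) || 'download.bin'; // constructed fallback
  return {
    'Content-Type': mimeType || 'application/octet-stream',
    // Always a download: the browser never navigates into the body.
    'Content-Disposition': `attachment; filename="${safeName}"`,
    // Stop MIME sniffing from upgrading an inert type to HTML.
    'X-Content-Type-Options': 'nosniff',
    // Defence in depth: if rendered anyway, sandbox gives an opaque origin and no scripts.
    'Content-Security-Policy': "sandbox; default-src 'none'",
  };
}

// Audit helper: true when this header set would render an active body inline
// with the serving origin, i.e. the condition the advisory describes.
function isInlineRenderRisk(headers) {
  const h = Object.fromEntries(
    Object.entries(headers).map(([k, v]) => [k.toLowerCase(), String(v)]),
  );
  if (!ACTIVE_CONTENT.test(h['content-type'] || '')) return false; // inert type
  const disposition = (h['content-disposition'] || '').toLowerCase();
  if (/^\s*attachment\b/.test(disposition)) return false;            // forced download
  const csp = (h['content-security-policy'] || '').toLowerCase();
  if (/\bsandbox\b/.test(csp)) return false;                          // sandboxed
  return true;
}
```

Running `isInlineRenderRisk` over the headers of a captured /rest/binary-data response is a quick way to confirm that a patched instance no longer serves HTML objects inline.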

XSS

Weakness Enumeration

Related Identifiers
CVE-2026-33749
GHSA-QFC3-HM4J-7Q77

Affected Products
N8N