PT-2026-60107 · N8N-Mcp · N8N-Mcp
Published
2026-07-14
·
Updated
2026-07-15
·
CVE-2026-55608
CVSS v3.1
4.2
Medium
| Vector | AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
n8n-mcp versions prior to 2.57.4
Description
In multi-tenant HTTP mode, an authenticated tenant can access local default-scope
workflow versions backups instead of being restricted to their own tenant scope. This issue allows an authenticated MCP HTTP tenant to read or delete workflow-version backups stored in the default single-tenant scope, such as those remaining from a previous single-tenant deployment or migration. Workflow snapshots may contain sensitive configuration data. This issue specifically affects n8n-mcp local workflow-version storage and does not impact stdio deployments or standard n8n API capabilities.Recommendations
Upgrade to n8n-mcp version 2.57.4 or later.
Restrict network access to the HTTP endpoint using a firewall, reverse proxy, or VPN to ensure only trusted callers have access.
Run the software in stdio mode to eliminate the multi-tenant HTTP surface.
Remove default-scope backups from prior single-tenant deployments if they are no longer needed.
Fix
Incorrect Authorization
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
N8N-Mcp