PT-2026-60107 · N8N-Mcp · N8N-Mcp

Published

2026-07-14

·

Updated

2026-07-15

·

CVE-2026-55608

CVSS v3.1

4.2

Medium

VectorAV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions n8n-mcp versions prior to 2.57.4
Description In multi-tenant HTTP mode, an authenticated tenant can access local default-scope workflow versions backups instead of being restricted to their own tenant scope. This issue allows an authenticated MCP HTTP tenant to read or delete workflow-version backups stored in the default single-tenant scope, such as those remaining from a previous single-tenant deployment or migration. Workflow snapshots may contain sensitive configuration data. This issue specifically affects n8n-mcp local workflow-version storage and does not impact stdio deployments or standard n8n API capabilities.
Recommendations Upgrade to n8n-mcp version 2.57.4 or later. Restrict network access to the HTTP endpoint using a firewall, reverse proxy, or VPN to ensure only trusted callers have access. Run the software in stdio mode to eliminate the multi-tenant HTTP surface. Remove default-scope backups from prior single-tenant deployments if they are no longer needed.

Fix

Incorrect Authorization

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-55608
GHSA-2CF7-HPWF-47H9

Affected Products

N8N-Mcp