SQL Injection in N8n-io N8n
CVE-2026-44792
n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an attacker with write access to the git repository connected to an n8n Source Control configuration could commit a malicious Data Table JSON file c…
Vulnerability class: SQL Injection
Affected products
- N8n-io N8n — versions < 1.123.43, >= 2.0.0-rc.0, < 2.20.7, >= 2.21.0, < 2.21.1
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)