PatchSiren cyber security CVE debrief
CVE-2026-55608 czlonkowski CVE debrief
CVE-2026-55608 is a medium-severity vulnerability in n8n-MCP, a server providing AI assistants access to n8n node documentation, properties, and operations. Prior to version 2.57.4, in multi-tenant HTTP mode with ENABLE_MULTI_TENANT=true, an authenticated tenant could access default-scope workflow_versions backups instead of being confined to the tenant scope. This could lead to exposure or deletion of workflow-version backups from prior single-tenant deployments or migrations. The issue is fixed in version 2.57.4. Users of n8n-MCP, especially those deploying in multi-tenant environments, should be aware of this vulnerability and ensure they are running version 2.57.4 or later to mitigate the risk.
- Vendor
- czlonkowski
- Product
- n8n-mcp
- CVSS
- MEDIUM 4.2
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-15
- Original CVE updated
- 2026-07-16
- Advisory published
- 2026-07-15
- Advisory updated
- 2026-07-16
Who should care
Users of n8n-MCP, especially those deploying in multi-tenant environments, should be aware of this vulnerability and ensure they are running version 2.57.4 or later to mitigate the risk. This includes operators, platform administrators, vulnerability management teams, and security teams who need to assess the impact of this vulnerability on their deployments.
Technical summary
The vulnerability exists in the multi-tenant HTTP mode of n8n-MCP. When ENABLE_MULTI_TENANT=true, an authenticated tenant can access default-scope workflow_versions backups, potentially exposing or deleting backups from previous deployments. This issue arises from inadequate access control, allowing tenants to access resources beyond their scope. The vulnerability has a CVSS score of 4.2 and is classified as CWE-200 and CWE-863. Affected users should review and restrict access controls for multi-tenant environments.
Defensive priority
Medium priority should be given to updating n8n-MCP to version 2.57.4 or later, especially in multi-tenant environments. Defenders should review and restrict access controls for multi-tenant environments and monitor for any unauthorized access to workflow_versions backups.
Recommended defensive actions
- Update n8n-MCP to version 2.57.4 or later
- Review and restrict access controls for multi-tenant environments
- Monitor for any unauthorized access to workflow_versions backups
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.
- Review the supplied official advisory or CVE record to validate affected scope, severity, and vendor guidance.
- Plan vendor-supported updates or mitigations through normal change control where exposure is confirmed.
- Check relevant monitoring, detection, and logs for exposed assets that need extra review.
Evidence notes
The CVE record was published on 2026-07-15T21:16:55.307Z and was last modified on 2026-07-16T13:44:47.330Z. The NVD entry is currently Undergoing Analysis. The vulnerability has a CVSS score of 4.2 and is classified as CWE-200 and CWE-863. There is no evidence of exploitability or in-the-wild exploitation. Users should verify their deployments and ensure they are running version 2.57.4 or later.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-15T21:16:55.307Z and has not been modified since then. The NVD entry is currently Undergoing Analysis.