PatchSiren cyber security CVE debrief
CVE-2026-54310 n8n-io CVE debrief
CVE-2026-54310 is a SQL injection vulnerability in n8n, an open-source workflow automation platform. Authenticated users with workflow creation or modification permissions could inject and execute arbitrary SQL against the connected database within the privileges of the configured database account. This issue affects n8n versions prior to 2.25.7 and 2.26.2. The vulnerability has been fixed in versions 2.25.7 and 2.26.2. Users should update to these versions to mitigate the risk. The Common Vulnerability Scoring System (CVSS) score for this vulnerability is 6.5, indicating a medium severity level.
- Vendor
- n8n-io
- Product
- n8n
- CVSS
- MEDIUM 6.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-23
- Original CVE updated
- 2026-06-25
- Advisory published
- 2026-06-23
- Advisory updated
- 2026-06-25
Who should care
Users of n8n workflow automation platform, especially those with authenticated access to create or modify workflows, should be aware of this vulnerability. Database administrators and security teams responsible for monitoring and patching vulnerabilities in their infrastructure should prioritize updating n8n to the latest versions. Additionally, organizations using n8n in their production environments should assess their exposure and take necessary mitigation steps.
Technical summary
The vulnerability exists in the TimescaleDB and legacy Postgres v1 nodes of the n8n platform. An authenticated user with permission to create or modify workflows can supply crafted parameters, allowing arbitrary SQL injection and execution against the connected database. The vulnerability is due to insufficient input validation and sanitization of user-supplied parameters. The CVSS vector for this vulnerability is CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X.
Defensive priority
This vulnerability has a medium CVSS score of 6.5 and could be exploited by authenticated users with workflow creation or modification permissions. Given the potential for SQL injection and execution, defenders should prioritize patching and monitoring their n8n instances.
Recommended defensive actions
- Update n8n to version 2.25.7 or 2.26.2, or later, to apply the fixes for this vulnerability.
- Restrict workflow creation and modification permissions to only trusted users and roles.
- Implement additional monitoring and logging to detect potential SQL injection attempts.
- Perform regular security audits and vulnerability assessments to identify and address potential issues.
- Consider implementing compensating controls, such as Web Application Firewalls (WAFs), to detect and prevent SQL injection attacks.
Evidence notes
The CVE-2026-54310 vulnerability was publicly disclosed on June 23, 2026, and the CVE record was last modified on June 25, 2026. The NVD provides detailed information about the vulnerability, including its CVSS score and vector. The vendor, n8n, has provided mitigation and vendor advisory information through their security advisory page.
Official resources
-
CVE-2026-54310 CVE record
CVE.org
-
CVE-2026-54310 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Mitigation, Vendor Advisory
This article is AI-assisted and based on the supplied source corpus.