| CVE-2026-44694 |
critical |
9.1 |
9.1 |
|
|
|
21d ago |
n8n-mcp webhook and API client paths has an authenticated SSRF |
| CVE-2026-42449 |
high |
8.5 |
8.5 |
|
|
|
22d ago |
n8n-mcp's IPv4-mapped IPv6 addresses bypass SSRF protection in validateUrlSync(), enabling full SSRF for SDK embedders |
| CVE-2026-45707 |
high |
8.1 |
8.1 |
|
|
|
11d ago |
n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.2, when ENABLE_MULTI_TENANT=true, the HTTP transport documents that th… |
| CVE-2026-45582 |
medium |
6.5 |
6.5 |
|
|
|
11d ago |
n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.3, the workflow telemetry sanitizer could retain partial fragments of … |
| CVE-2026-41495 |
medium |
5.3 |
5.3 |
|
|
|
21d ago |
n8n-MCP Logs Sensitive Request Data on Unauthorized /mcp Requests |
| CVE-2026-42282 |
medium |
4.3 |
4.3 |
|
|
|
21d ago |
n8n-MCP: Sensitive MCP tool-call arguments logged on authenticated requests in HTTP mode |
| CVE-2026-39974 |
unknown |
— |
— |
|
|
|
2mo ago |
n8n-mcp has authenticated SSRF via instance-URL header in multi-tenant HTTP mode |