GHSA-pmqw-72cg-wx85
n8n: Credential Exfiltration via Permission Bypass
Details
## Impact A member-level user with editor access to a shared workflow could reference credentials they do not own via specific public API endpoints. Credential ownership checks were only enforced partially leading to cross-user credential access.
This issue affects instances where workflow sharing is enabled and at least one workflow has been shared with a member-level user as an Editor.
## Patches The issue has been fixed in n8n versions 1.123.55, 2.25.7, and 2.26.2. Users should upgrade to one of these versions or later to remediate the vulnerability.
## Workarounds If upgrading is not immediately possible, administrators should consider the following temporary mitigations: - Restrict workflow sharing to fully trusted users only. - Audit shared workflows for unexpected credential references or recent modifications.
These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.
**Credits:** Momen Elkhouli
Are you affected?
Enter the version of the package you're using.