CVE-2026-44694— n8n-MCP: Authenticated SSRF in n8n-mcp webhook and API client paths
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-44694
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
n8n-MCP: Authenticated SSRF in n8n-mcp webhook and API client paths
Source: NVD (National Vulnerability Database)
Vulnerability Description
n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. From version 2.18.7 to before version 2.50.2, there is an authenticated server-side request forgery vulnerability affecting the webhook trigger tools, the n8n API client (N8N_API_URL), and per-request URLs supplied via the x-n8n-url header in multi-tenant HTTP mode. This issue has been patched in version 2.50.2.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
检查时间与使用时间(TOCTOU)的竞争条件
Source: NVD (National Vulnerability Database)
Vulnerability Title
n8n-MCP 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
n8n-MCP是Romuald Członkowski个人开发者的一个连接AI助手与自动化工作流平台的模型上下文协议服务器。 n8n-MCP 2.18.7版本至2.50.2之前版本存在安全漏洞,该漏洞源于经过身份验证的服务端请求伪造,可能影响webhook触发工具、n8n API客户端和通过x-n8n-url标头提供的URL。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| czlonkowski | n8n-mcp | >= 2.18.7, < 2.50.2 | - |
II. Public POCs for CVE-2026-44694
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-44694
请登录查看更多情报信息。
- Release Release v2.50.2 · czlonkowski/n8n-mcp · GitHubx_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2026-44694
Same Patch Batch · czlonkowski · 2026-05-08 · 3 CVEs total
| CVE-2026-41495 | 5.3 MEDIUM | n8n-MCP Logs Sensitive Request Data on Unauthorized /mcp Requests |
| CVE-2026-42282 | 4.3 MEDIUM | n8n-MCP: Sensitive MCP tool-call arguments logged on authenticated requests in HTTP mode |
IV. Related Vulnerabilities
Same product: n8n-mcp
Same vendor: czlonkowski
Same weakness: CWE-367
- CVE-2026-42344
FastGPT: DNS rebinding TOCTOU bypass in isInternalAddress al - CVE-2025-69233
Apache CloudStack: Domain/account resources limits not honor - CVE-2026-34354
Akamai Guardicore Platform Agent 安全漏洞 - CVE-2026-41002
VMware Spring Cloud Config 安全漏洞 - CVE-2026-44112
OpenClaw < 2026.4.22 - Symlink Swap Race Condition in OpenSh
V. Comments for CVE-2026-44694
No comments yet