CVE-2025-52554

Medium CVSS: 4.9

n8n is a workflow automation platform. Prior to version 1.99.1, an authorization vulnerability was discovered in the /rest/executions/:id/stop endpoint of n8n. An authenticated user can stop workflow executions that they do not own or that have not been shared with them, leading to potential business disruption. This issue has been patched in version 1.99.1. A workaround involves restricting access to the /rest/executions/:id/stop endpoint via reverse proxy or API gateway.

Vendor

N8n

Product

N8n

CWE

CWE-862

Yayın Tarihi

2025-07-03 20:15:23

Güncelleme

2025-09-04 16:53:45

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-862 N8n MEDIUM N8n 2025

Referanslar

https://github.com/dudanogueira/n8n/commit/ca2f90c7fbaa1d661ade2f45d587d9469bc287e1 https://github.com/n8n-io/n8n/commit/e5edc60e344924230baafb11fa1f0af788e9ca9a https://github.com/n8n-io/n8n/pull/16405 https://github.com/n8n-io/n8n/security/advisories/GHSA-gq57-v332-7666

Benzer Kayıtlar

High

CVE-2026-33722

n8n is an open source workflow automation platform. Prior to versions 2.6.4 and 1.123.23, an authenticated user without…

Medium

CVE-2026-33724

n8n is an open source workflow automation platform. Prior to version 2.5.0, when the Source Control feature is configure…

Medium

CVE-2026-33749

n8n is an open source workflow automation platform. Prior to versions 1.123.27, 2.13.3, and 2.14.1, an authenticated use…

Medium

CVE-2026-33751

n8n is an open source workflow automation platform. Prior to versions 1.123.27, 2.13.3, and 2.14.1, a flaw in the LDAP n…

Medium

CVE-2026-33720

n8n is an open source workflow automation platform. Prior to version 2.8.0, when the `N8N_SKIP_AUTH_ON_OAUTH_CALLBACK` e…

Critical

CVE-2026-33660

n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.26, an authenticated use…