CVE-2026-25052CRITICAL 9.9EPSS p22.1%

CVE-2026-25052CVE-2026-25052

Description

n8n is an open source workflow automation platform. Prior to versions 1.123.18 and 2.5.0, a vulnerability in the file access controls allows authenticated users with permission to create or modify workflows to read sensitive files from the n8n host system. This can be exploited to obtain critical configuration data and user credentials, leading to complete account takeover of any user on the instance. This issue has been patched in versions 1.123.18 and 2.5.0.

Scoring

CVSS 3.19.9 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS0.31% probability of exploitation · percentile 22.1% · 2026-06-18T12:00:27Z
Published2026-02-04
Last modified2026-02-05

Underlying weaknesses· 1

CWE-367

References

  1. https://github.com/n8n-io/n8n/security/advisories/GHSA-gfvg-qv54-r4pc

1

TypeTargetConfidenceTier
WeaknessTime-of-check Time-of-use (TOCTOU) Race Conditioncwe-3670%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-25053
CVE
CVE-2026-25055
CVE
CVE-2026-25056
CVE
CVE-2026-21858
CVE
CVE-2026-25049
CVE
CVE-2026-21877
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.