CVE-2026-33724: Improper SSH Host Key Verification in n8n Source Control
Vulnerability ID: CVE-2026-33724
CVSS Score: 6.3
Published: 2026-03-25
n8n versions prior to 2.5.0 improperly disable SSH host key verification within the Source Control feature. This configuration allows network-positioned attackers to perform Man-in-the-Middle (MitM) attacks, intercept sensitive workflow credentials, and inject malicious code to achieve Remote Code Execution (RCE).
TL;DR
n8n < 2.5.0 passes 'StrictHostKeyChecking=no' to Git over SSH, enabling MitM attacks that allow malicious workflow injection and RCE.
Technical Details
- CWE ID: CWE-639
- Attack Vector: Network (MitM Required)
- CVSS Score: 6.3 (Medium)
- Impact: Remote Code Execution, Credential Theft
- Exploit Status: Unverified
- CISA KEV: Not Listed
Affected Systems
- n8n Source Control Module
- Underlying Git synchronization mechanism
-
n8n: < 2.5.0 (Fixed in:
2.5.0)
Mitigation Strategies
- Upgrade n8n to version 2.5.0 or later to enforce strict SSH host key checking.
- Disable the Source Control feature if synchronization is not strictly required.
- Implement network segmentation, ensuring traffic to the Git provider traverses only trusted, encrypted tunnels (e.g., VPN, VPC peering).
Remediation Steps:
- Backup the current n8n configuration and database.
- Update the n8n container image or application binary to version 2.5.0.
- Restart the n8n service.
- Navigate to the Source Control settings and verify that the Git provider's SSH host keys are correctly supplied and validated.
- Trigger a manual workflow synchronization to confirm connectivity and security.
References
Read the full report for CVE-2026-33724 on our website for more details including interactive diagrams and full exploit analysis.
Top comments (0)