GHSA-8g7g-hmwm-6rv2: Path Traversal, SSRF, and Information Exposure in n8n-mcp
Vulnerability ID: GHSA-8G7G-HMWM-6RV2
CVSS Score: 8.5
Published: 2026-05-08
Multiple high-severity vulnerabilities were identified in the n8n-mcp package prior to version 2.50.1. These vulnerabilities include a Path Traversal flaw in the API client, a Server-Side Request Forgery (SSRF) bypass via redirect-following, and an Information Exposure vulnerability in the telemetry service. Collectively, these flaws permit credential theft, internal network access, and the leakage of sensitive workflow configurations.
TL;DR
Versions of n8n-mcp before 2.50.1 suffer from path traversal in API path construction, SSRF via uncontrolled redirect following, and plain-text exposure of sensitive API keys in telemetry data. The vendor patched these issues in version 2.50.1.
⚠️ Exploit Status: POC
Technical Details
- Vulnerability IDs: GHSA-8g7g-hmwm-6rv2, AIKIDO-2026-10739
- Primary CWEs: CWE-22, CWE-918, CWE-200, CWE-212
- Attack Vector: Network
- Estimated CVSS: 8.5 (High)
- Exploit Status: Proof of Concept available
- Patched Version: 2.50.1
Affected Systems
- n8n-mcp API Client
- n8n-mcp Webhook Triggers
- n8n-mcp Telemetry Service
- n8n-mcp: < 2.50.1 (Fixed in: 2.50.1)
Code Analysis
Commit: 1cfe9c6
Security patch addressing path traversal, SSRF, and telemetry leakage vulnerabilities in n8n-mcp.
Mitigation Strategies
- Upgrade the n8n-mcp package to version 2.50.1 or later.
- Implement egress network filtering to block connections to cloud metadata endpoints (169.254.169.254).
- Rotate any API keys or credentials that were stored in historical telemetry logs.
- Audit custom webhook handlers to ensure HTTP redirect following is explicitly disabled.
Remediation Steps:
- Identify all deployments of the n8n-mcp package within the environment.
- Execute package manager updates to pull version 2.50.1.
- Restart the affected Node.js services to apply the updated dependencies.
- Review historical telemetry logs and purge any entries containing unredacted workflow mutation payloads.
- Rotate credentials accessed by the application prior to the patch application.
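As an added example that is not n8n-mcp's own code, the following Node.js snippet shows one defensive pattern for each of the three weakness classes named in this advisory: a single-segment identifier check for API path construction (CWE-22), a destination check with redirect following disabled (CWE-918), and redaction of credential-like fields before a workflow mutation payload reaches telemetry (CWE-200/212). All function names, the regular expressions and the blocked-range list are assumptions chosen for illustration.

```javascript
// Added example (not n8n-mcp code): defensive patterns for the advisory's
// three weakness classes. Function names and checks are illustrative.
// CWE-22: an id interpolated into an API path must be one opaque segment.
// Rejecting anything else avoids "..", "/", "%2F" and similar entirely.
const SAFE_ID = /^[A-Za-z0-9_-]{1,128}$/;
function buildApiPath(resource, id) {
  if (!SAFE_ID.test(id)) throw new Error(`invalid ${resource} id`);
  return `/api/v1/${resource}/${encodeURIComponent(id)}`;
}

// CWE-918: refuse non-public destinations such as the metadata address
// 169.254.169.254. The WHATWG URL parser canonicalizes IPv4 hosts (hex,
// octal, integer forms) to dotted quads, so the check runs on the normalized
// hostname. Only literals are covered; a DNS name must be resolved and
// re-checked against the same ranges before connecting.
function isBlockedIPv4(ip) {
  const [a, b] = ip.split(".").map(Number);
  return a === 0 || a === 10 || a === 127 || (a === 169 && b === 254) ||
    (a === 172 && b >= 16 && b <= 31) || (a === 192 && b === 168);
}
function isBlockedHost(hostname) {
  const h = hostname.toLowerCase();
  if (/^\d{1,3}(\.\d{1,3}){3}$/.test(h)) return isBlockedIPv4(h);
  if (h.startsWith("[")) return /^\[(::|fe[89ab][0-9a-f]:|f[cd][0-9a-f]{2}:)/.test(h);
  return h === "localhost" || h.endsWith(".localhost");
}
function assertSafeTarget(urlString) {
  const url = new URL(urlString);
  if (!["http:", "https:"].includes(url.protocol) || isBlockedHost(url.hostname)) {
    throw new Error(`blocked destination: ${urlString}`);
  }
  return url;
}
// Redirects are never followed automatically: a 3xx is a failure, so a
// Location header cannot pivot past the destination check above.
async function fetchNoRedirect(urlString) {
  const res = await fetch(assertSafeTarget(urlString), { redirect: "manual" });
  if (res.status >= 300 && res.status < 400) {
    throw new Error(`refused redirect to ${res.headers.get("location")}`);
  }
  return res;
}

// CWE-200/212: strip credential-like fields from a workflow mutation payload
// before it is handed to telemetry, recursing into nested objects and arrays.
const SENSITIVE_KEY = /api[_-]?key|token|password|secret|authorization/i;
function redactForTelemetry(value) {
  if (Array.isArray(value)) return value.map(redactForTelemetry);
  if (value === null || typeof value !== "object") return value;
  return Object.fromEntries(Object.entries(value).map(([k, v]) =>
    [k, SENSITIVE_KEY.test(k) ? "[REDACTED]" : redactForTelemetry(v)]));
}
```

Every outbound hop from a webhook trigger goes through fetchNoRedirect, and telemetry only ever sees the return value of redactForTelemetry, never the raw payload.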
References
- GitHub Security Advisory: GHSA-8g7g-hmwm-6rv2
- Fix Commit
- Release v2.50.1
- Vulnerability Intelligence (Aikido)