CVE-2026-54313
HighCVSS 7.7Exploitation Probability (EPSS)
Low risk17th percentile — higher than 17% of all known CVEs
Summary
n8n is an open source workflow automation platform. Prior to version 2.24.0, an authenticated user with workflow edit access could supply a malicious filter value in the MongoDB node's Find And Replace operation, leading to unintended documents being matched and overwritten with attacker-controlled content.
Risk Assessment
This vulnerability may lead to unauthorized access and modification of data, posing a serious threat to data integrity within the organization.
Recommendation
It is recommended to upgrade to version 2.24.0 or later to mitigate this vulnerability and to conduct an audit of workflow access.
Original NVD description (English source)
n8n is an open source workflow automation platform. Prior to 2.24.0, an authenticated user with workflow edit access could supply a malicious filter value in the MongoDB node's Find And Replace operation. The value was not validated before being passed to MongoDB as a query filter, allowing unintended documents to be matched and overwritten with attacker-controlled content. This vulnerability is fixed in 2.24.0.

