CVE-2026-44789
AI description
CVE-2026-44789 is a vulnerability found in the n8n workflow automation platform, specifically within its HTTP Request node. This flaw is categorized as an Improperly Controlled Modification of Object Prototype Attributes, also known as "Prototype Pollution" (CWE-1321). It arises from an unvalidated pagination parameter, which an authenticated user with permissions to create or modify workflows can exploit. Exploiting this prototype pollution can corrupt application logic across workflows. When combined with other techniques, it can ultimately enable an attacker to achieve remote code execution (RCE) on the n8n host system.
- Description
- -
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
10
CVE-2026-44789, CVE-2026-44790 & CVE-2026-44791: 3 new vulnerabilities in n8n, 9.4 rating 🔥 Recently disclosed vulnerabilities in n8n allow an attacker to read arbitrary files from the server, achieve global prototype pollution and bypass the patch for previous vulnerabil
@Netlas_io
20 May 2026
5066 Impressions
18 Retweets
51 Likes
23 Bookmarks
2 Replies
0 Quotes
🚨 Upozorňujeme na sérii zranitelností v platformě n8n, CVE-2026-44789, CVE-2026-44790 a CVE-2026-44791. Byly identifikovány tři kritické chyby v nativních uzlech HTTP Request, Git a XML, které umožňují nízko-privilegovaným autentizovaným útočníkům s opráv
@GOVCERT_CZ
20 May 2026
559 Impressions
2 Retweets
7 Likes
0 Bookmarks
0 Replies
0 Quotes
n8nに重大な脆弱性(CVE-2026-44789・CVE-2026-44790・CVE-2026-44791) https://t.co/gsgKoLYpvA #セキュリティ対策Lab #security #securitynews
@securityLab_jp
20 May 2026
105 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
github CVE-2026-44789: RCE. cloud misconfigs scale your blast radius by every region you operate in. audit IAM first. #GitHub #RCE #CVE-2026-44789 https://t.co/hpOdrGCDAV
@trerbbb
18 May 2026
68 Impressions
2 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
n8nにCVSSスコア9.4の重大(Critical)な脆弱性が3件。CVE-2026-44790、CVE-2026-44791、CVE-2026-44789。ワークフローの作成/変更が可能なユーザがインフラ側で任意のコードを実行できる。修正版提供あり。 https://t.co/ioxgK7xj0u
@__kokumoto
18 May 2026
1111 Impressions
2 Retweets
7 Likes
3 Bookmarks
0 Replies
0 Quotes
n8n patched a critical prototype pollution bug (CVE-2026-44789) in the HTTP Request node that an authenticated user could chain into RCE on the instance. patch to 1.123.43 or 2.22.1. https://t.co/lpjLmO8XAF
@securelens
17 May 2026
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨High - n8n Multiple Critical Vulnerabilities (CVE-2026-44791, CVE-2026-44792, CVE-2026-45732, CVE-2026-44789, CVE-2026-44790) Multiple high-severity vulnerabilities were disclosed in n8n, including Prototype Pollution leading to RCE (via XML Node and HTTP Request Node),
@UpwindMDR
14 May 2026
80 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes