CVE-2026-44791

Overview

AI description

Automated description summarized from trusted sources.

CVE-2026-44791 is a patch bypass vulnerability found in the XML node of the n8n workflow automation software. This flaw reintroduces a previously addressed prototype pollution issue, allowing attackers to circumvent existing fixes for manipulating object prototypes through the XML processing logic. When exploited, particularly in conjunction with other vulnerabilities, CVE-2026-44791 can enable authenticated attackers to execute arbitrary code, bypass security mechanisms, perform SQL injection attacks, manipulate data, or disclose confidential information on systems running vulnerable versions of n8n. Affected versions include n8n prior to 2.20.0, 1.123.43, 2.22.1, and 2.20.7, with patches available to address the issue.

Description
-

Social media

Hype score
Not currently trending

  1. CVE-2026-44789, CVE-2026-44790 & CVE-2026-44791: 3 new vulnerabilities in n8n, 9.4 rating 🔥 Recently disclosed vulnerabilities in n8n allow an attacker to read arbitrary files from the server, achieve global prototype pollution and bypass the patch for previous vulnerabil

    @Netlas_io

    20 May 2026

    5066 Impressions

    18 Retweets

    51 Likes

    23 Bookmarks

    2 Replies

    0 Quotes

  2. 🚨 Upozorňujeme na sérii zranitelností v platformě n8n, CVE-2026-44789, CVE-2026-44790 a CVE-2026-44791. Byly identifikovány tři kritické chyby v nativních uzlech HTTP Request, Git a XML, které umožňují nízko-privilegovaným autentizovaným útočníkům s opráv

    @GOVCERT_CZ

    20 May 2026

    559 Impressions

    2 Retweets

    7 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. n8nに重大な脆弱性(CVE-2026-44789・CVE-2026-44790・CVE-2026-44791) https://t.co/gsgKoLYpvA #セキュリティ対策Lab #security #securitynews

    @securityLab_jp

    20 May 2026

    105 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. n8nにCVSSスコア9.4の重大(Critical)な脆弱性が3件。CVE-2026-44790、CVE-2026-44791、CVE-2026-44789。ワークフローの作成/変更が可能なユーザがインフラ側で任意のコードを実行できる。修正版提供あり。 https://t.co/ioxgK7xj0u

    @__kokumoto

    18 May 2026

    1111 Impressions

    2 Retweets

    7 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  5. 🚨High - n8n Multiple Critical Vulnerabilities (CVE-2026-44791, CVE-2026-44792, CVE-2026-45732, CVE-2026-44789, CVE-2026-44790) Multiple high-severity vulnerabilities were disclosed in n8n, including Prototype Pollution leading to RCE (via XML Node and HTTP Request Node),

    @UpwindMDR

    14 May 2026

    80 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.