In a nutshell: Two critical security vulnerabilities in self-hosted n8n installations allow attackers to access integrated systems and credentials.
Two critical security vulnerabilities have been discovered in the automation platform n8n, affecting self-hosted servers. Since n8n is frequently used as an integration hub for numerous systems, the vulnerabilities potentially enable comprehensive access to connected applications and data.
n8n is a widely used automation platform that enterprises use to automatically orchestrate workflows between different applications. The platform stores and manages access credentials for integrated systems such as cloud services, databases, and business applications, a role that makes it an attractive target for attackers.
The discovered security vulnerabilities affect self-hosted n8n instances. Depending on the nature of the vulnerabilities, attackers may be able to extract access credentials or gain access to workflows in order to manipulate them. This turns the automation platform into an entry point for attacks on connected systems, from CRM systems to ERP solutions to payment services.
Administrators should check their n8n instances for suspicious access or workflow changes. This includes reviewing audit logs and checking which integration credentials exist and whether they still correspond to actual permissions. A prompt update to patched versions is required to close the vulnerabilities.
The vulnerabilities highlight the critical role that automation platforms play in modern IT infrastructures. They are not simply workflow engines, but central trust anchors on which many other systems depend. A compromise of one therefore multiplies the potential damage.
Source: www.golem.de · Published June 22, 2026
Lumi AI News — AI-assisted curation in accordance with Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.1.