A vulnerability has been found in n8n up to 1.123.60/2.27.3/2.28.0 and classified as critical. Affected by this issue is the function executeQuery of the component MySQL v1 Node. The manipulation leads to sql injection.

This vulnerability is listed as CVE-2026-59257. The attack may be initiated remotely. There is no available exploit.