CVE-2026-56357 | n8n-io n8n up to 1.123.14/2.4.x WebHook Trigger authentication spoofing (GHSA-mqpr-49jj-32rc)

Inserito da Angelo Barbosa | Giu 23, 2026 | CVE

A vulnerability, which was classified as critical, has been found in n8n-io n8n up to 1.123.14/2.4.x. The impacted element is an unknown function of the component WebHook Trigger Handler. The manipulation leads to authentication bypass by spoofing.

This vulnerability is listed as CVE-2026-56357. The attack may be initiated remotely. There is no available exploit.

It is advisable to upgrade the affected component.

CVE-2026-56357 | n8n-io n8n up to 1.123.14/2.4.x WebHook Trigger authentication spoofing (GHSA-mqpr-49jj-32rc)

Post correlati

CVE-2025-4719 | Campcodes Sales and Inventory System 1.0 cash_transaction.php cid sql injection

CVE-2021-1465 | Cisco Catalyst SD-WAN Manager up to 20.1.12 Web-based Management Interface path traversal (cisco-sa-vman-dir-trav-Bpwc5gtm)

CVE-2021-22503 | OpenText eDirectory 9.2.3.0000 cross site scripting

CVE-2024-20478 | Cisco Application Policy Infrastructure Controller (APIC) Software Upgrade unnecessary privileges (cisco-sa-capic-priv-esc-uYQJjnuU)