CVE-2026-56353 PUBLISHED

n8n - Authentication Bypass in Chat Trigger Node

Assigner: VulnCheck
Reserved: 20.06.2026 Published: 15.07.2026 Updated: 15.07.2026

n8n contains an authentication bypass in the Chat Trigger node when configured with n8n User Auth (a non-default configuration). In affected releases — before 1.123.22, the 2.0.0 through 2.9.2 line, and 2.10.0 — the authentication check on the Chat Trigger webhook endpoint can be circumvented, allowing access without valid credentials. Fixed in 1.123.22, 2.9.3, and 2.10.1.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
CVSS Score: 6.3

Product Status

Vendor n8n
Product n8n
Versions Default: unaffected
  • affected from 0 to 1.123.22 (excl.)
  • Version 1.123.22 is unaffected
  • affected from 2.0.0 to 2.9.3 (excl.)
  • Version 2.9.3 is unaffected
  • affected from 2.10.0 to 2.10.1 (excl.)
  • Version 2.10.1 is unaffected

Credits

  • sm1ee reporter

References

Problem Types

  • Improper Authentication CWE