HIGHVulnerability
Verified
Global

NVD HIGH: CVE-2026-56350 — n8n before 2.8.0 contains an authentication bypass vulnerability allowing authen...

·Source: NIST NVD

Updated:

Executive Summary

n8n before 2.8.0 contains an authentication bypass vulnerability allowing authenticated SSO users to disable SSO enforcement through the API. Attackers can create local password credentials to authenticate directly, bypassing organizational SSO policies and identity-provider-enforced multi-factor authentication.

Analysis

n8n before 2.8.0 contains an authentication bypass vulnerability allowing authenticated SSO users to disable SSO enforcement through the API. Attackers can create local password credentials to authenticate directly, bypassing organizational SSO policies and identity-provider-enforced multi-factor authentication. CVSS Score: 6.3. Published: 2026-06-30T23:17:30.867.

Indicators of Compromise (1)

CVE (1)
CVE-2026-56350
Source Attribution

Originally published by NIST NVD on Jun 30, 2026. Verified by: NIST.

Related Threats