← العودة للجدول
CVE-2026-54052
CVE-2026-54052 — n8n-MCP: Cross-tenant access to workflow version backups in multi-tenant HTTP de
📅 2026-07-14
🔴 Critical 🔥 No GHSA Vulnerability Data Breach CVSS 9.9

📋 الوصف الكامل

## Impact In multi-tenant HTTP deployments — where a single n8n-mcp server serves several tenants — the locally stored workflow version history (the automatic backups taken before workflow updates) was not isolated per tenant. An authenticated tenant could read workflow version snapshots belonging to other tenants, and could delete or destroy other tenants' stored backups. A stored snap

💻 الأنظمة المتأثرة

⚠️ نوع التهديد

Vulnerability

🔗 CVE ID

CVE-2026-54052

📡 المصدر

GHSA

✅ الحلول والتخفيف

Refer to CVE-2026-54052 NVD advisory

🔗 المصدر الأصلي ← 📘 NVD ← ⚡ CISA KEV ← 🔍 Valters IT ←