{"data":{"id":"527836c5-8d9b-466d-8cc0-72062731dd9d","title":"GHSA-r6jc-mpqw-m755: n8n has SQL Injection in Oracle Database Node via Limit Field","summary":"n8n, a workflow automation tool, had a SQL injection vulnerability (a type of attack where malicious SQL commands are inserted into input fields) in its Oracle Database node. The flaw allowed attackers to inject arbitrary SQL commands through the `Limit` field when external user input was used, potentially letting them steal data from the connected Oracle database.","solution":"The issue has been fixed in n8n versions 1.123.32, 2.17.4, and 2.18.1. Users should upgrade to one of these versions or later to remediate the vulnerability. If upgrading is not immediately possible, temporary mitigations include: limiting workflow creation and editing permissions to fully trusted users only, disabling the Oracle Database node by adding `n8n-nodes-base.oracleDatabase` to the `NODES_EXCLUDE` environment variable, and avoiding passing unvalidated external user input into the Oracle Database node's `Limit` field via expressions. The source notes these workarounds do not fully remediate the risk and should only be used as short-term measures.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-r6jc-mpqw-m755","publishedAt":"2026-04-29T21:08:27.000Z","cveId":"CVE-2026-42233","cweIds":null,"cvssScore":null,"cvssSeverity":"medium","severity":"medium","attackType":["data_extraction"],"issueType":"vulnerability","affectedPackages":["n8n@>= 2.0.0, < 2.17.4 (fixed: 2.17.4)","n8n@>= 2.18.0, < 2.18.1 (fixed: 2.18.1)","n8n@< 1.123.32 (fixed: 1.123.32)"],"affectedVendors":[],"affectedVendorsRaw":["n8n"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":true,"disclosureDate":"2026-04-29T21:08:27.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":null,"llmSpecific":false,"classifierConfidence":0.75,"researchCategory":null,"atlasIds":null}}