{"data":{"id":"70929cdf-1778-43e8-9ee8-4491eedc8272","title":"GHSA-2cf7-hpwf-47h9: n8n-MCP: Incorrect authorization can expose default-scope workflow version backups in multi-tenant HTTP mode","summary":"In n8n-mcp (a tool that connects AI models to workflows) running in multi-tenant HTTP mode (where multiple separate users share one server), an authenticated user could bypass access controls and read or delete workflow backups stored in the default single-tenant scope instead of being restricted to their own workspace. This could expose sensitive workflow configuration information.","solution":"Upgrade to n8n-mcp version 2.57.4 or later. The fix requires a complete tenant context in multi-tenant mode and fails closed for workflow-version access that cannot be attributed to a specific tenant. Alternatively, restrict network access to the HTTP endpoint using a firewall or reverse proxy, run in stdio mode (which has no multi-tenant HTTP surface), or remove default-scope backups from prior single-tenant deployments if they are no longer needed.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-2cf7-hpwf-47h9","publishedAt":"2026-07-14T20:26:39.000Z","cveId":"CVE-2026-55608","cweIds":null,"cvssScore":null,"cvssSeverity":"medium","severity":"medium","attackType":["other"],"issueType":"vulnerability","affectedPackages":["n8n-mcp@<= 2.57.3 (fixed: 2.57.4)"],"affectedVendors":["LangChain"],"affectedVendorsRaw":["n8n-mcp"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":true,"disclosureDate":"2026-07-14T20:26:39.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.75,"researchCategory":null,"atlasIds":null}}