{"data":{"id":"76b16080-c61d-4250-a4f8-75165862ca5a","title":"GHSA-49m9-pgww-9vq6: n8n Vulnerable to Unauthenticated Denial of Service via MCP Client Registration","summary":"n8n (a workflow automation tool) has a vulnerability where an unauthenticated attacker can crash an n8n instance by sending large amounts of data to the MCP OAuth client registration endpoint (the system that lets external applications connect to n8n). The endpoint doesn't properly limit how much data it accepts or how many clients can register, allowing attackers to use up all the server's memory and make it unavailable.","solution":"Upgrade to n8n version 1.123.32, 2.17.4, 2.18.1, or later. If immediate upgrade is not possible, administrators can temporarily: (1) restrict network access to the n8n instance to prevent requests from untrusted sources, or (2) reduce the maximum accepted payload size by lowering the `N8N_PAYLOAD_SIZE_MAX` environment variable from its default value. The source notes these workarounds do not fully fix the risk and should only be used as short-term measures.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-49m9-pgww-9vq6","publishedAt":"2026-04-29T21:19:07.000Z","cveId":"CVE-2026-42236","cweIds":null,"cvssScore":null,"cvssSeverity":"high","severity":"high","attackType":["denial_of_service"],"issueType":"vulnerability","affectedPackages":["n8n@>= 2.0.0, < 2.17.4 (fixed: 2.17.4)","n8n@>= 2.18.0, < 2.18.1 (fixed: 2.18.1)","n8n@< 1.123.32 (fixed: 1.123.32)"],"affectedVendors":["LangChain"],"affectedVendorsRaw":["n8n"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":true,"disclosureDate":"2026-04-29T21:19:07.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["availability"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}