{"data":{"id":"79ac9ef5-a8dd-4673-b503-5bcc33c27c2b","title":"GHSA-6h4j-wcr9-2vg7: n8n Has a Cross-user Authorization Bypass in Dynamic Credential OAuth Endpoints","summary":"n8n, a workflow automation tool, had a security flaw where OAuth credential reconnect endpoints checked for read-only access instead of update access. This meant an authenticated user with limited permissions could hijack shared credentials by reconnecting them to their own external account, allowing them to intercept data or take over workflows that other users depend on.","solution":"Upgrade to a fixed n8n release for the version line in use: 1.123.43 or later in the 1.x line, 2.20.7 or later in the 2.x line through 2.20.x, or 2.21.1 or later from 2.21.0 onward. If upgrading immediately is not possible, administrators should restrict credential sharing to fully trusted users only and audit shared credentials for unexpected OAuth token changes, revoking any tokens that may have been replaced. The source notes these workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-6h4j-wcr9-2vg7","publishedAt":"2026-05-14T16:18:14.000Z","cveId":"CVE-2026-45732","cweIds":null,"cvssScore":null,"cvssSeverity":"high","severity":"high","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":["n8n@>= 2.0.0-rc.0, < 2.20.7 (fixed: 2.20.7)","n8n@>= 2.21.0, < 2.21.1 (fixed: 2.21.1)","n8n@< 1.123.43 (fixed: 1.123.43)"],"affectedVendors":["LangChain"],"affectedVendorsRaw":["n8n"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":true,"disclosureDate":"2026-05-14T16:18:14.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.75,"researchCategory":null,"atlasIds":null}}