{"data":{"id":"af4233d5-c108-4aea-b9d1-5f9dada74fd2","title":"GHSA-f77h-j2v7-g6mw: n8n Vulnerable to Hijacking of Unauthenticated Chat Execution","summary":"n8n's Chat Trigger feature had a security flaw where the `/chat` WebSocket endpoint (a communication channel) did not check whether users were authorized to access workflow executions. An attacker who could guess a valid execution ID (a unique identifier for a running workflow instance) could connect to an unprotected chat workflow, intercept prompts meant for legitimate users, and inject their own commands to change how the workflow behaves.","solution":"The issue has been fixed in n8n versions 1.123.32, 2.17.4, and 2.18.1. Users should upgrade to one of these versions or later. As a temporary workaround, administrators can enable authentication on all Chat Trigger nodes by setting the Authentication field to `n8n User Auth` rather than `None`, though this is only a partial mitigation and does not fully eliminate the risk.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-f77h-j2v7-g6mw","publishedAt":"2026-04-29T21:17:44.000Z","cveId":"CVE-2026-42228","cweIds":null,"cvssScore":null,"cvssSeverity":"medium","severity":"medium","attackType":["other"],"issueType":"vulnerability","affectedPackages":["n8n@>= 2.0.0, < 2.17.4 (fixed: 2.17.4)","n8n@>= 2.18.0, < 2.18.1 (fixed: 2.18.1)","n8n@< 1.123.32 (fixed: 1.123.32)"],"affectedVendors":[],"affectedVendorsRaw":["n8n"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":true,"disclosureDate":"2026-04-29T21:17:44.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"agent","llmSpecific":false,"classifierConfidence":0.75,"researchCategory":null,"atlasIds":null}}