GHSA-42h7-m79w-wvg5: n8n: Stored XSS in Chat Trigger Node
Summary
n8n (a workflow automation tool) has a stored XSS vulnerability (cross-site scripting, where malicious code is saved and later runs in the browser of users who visit a page) in its Chat Trigger feature. An authenticated user with workflow edit access could inject JavaScript that executes with the privileges of anyone who visits the chat URL, potentially compromising that visitor's session.
Solution / Mitigation
The issue has been fixed in n8n versions 1.123.55, 2.25.7, and 2.26.2. Users should upgrade to one of these versions or later. If upgrading is not immediately possible, administrators can limit workflow creation and editing permissions to fully trusted users only, or disable the Chat Trigger node by adding `@n8n/n8n-nodes-langchain.chatTrigger` to the `NODES_EXCLUDE` environment variable. The upstream advisory notes that these workarounds do not fully remediate the risk and should be used only as short-term measures.
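An added helper (not n8n project code) for applying the `NODES_EXCLUDE` workaround above without clobbering exclusions an operator has already configured, and for checking that the Chat Trigger node is actually excluded. It assumes n8n reads `NODES_EXCLUDE` as a JSON-encoded array of node type names; the sample values are constructed.

```python
"""Helper for the NODES_EXCLUDE workaround from GHSA-42h7-m79w-wvg5.

Added example, not n8n project code. Assumes n8n parses NODES_EXCLUDE as a
JSON array of node type strings.
"""
import json
import os

CHAT_TRIGGER = "@n8n/n8n-nodes-langchain.chatTrigger"  # node named in the advisory


def parse_nodes_exclude(value):
    """Return the list of excluded node types from a NODES_EXCLUDE value.

    Unset or empty means nothing is excluded. Anything that is not a JSON
    array of strings is treated as misconfigured and raises, so a typo does
    not silently leave the node enabled.
    """
    if value is None or value.strip() == "":
        return []
    parsed = json.loads(value)  # JSONDecodeError is a ValueError subclass
    if not isinstance(parsed, list) or not all(isinstance(n, str) for n in parsed):
        raise ValueError("NODES_EXCLUDE must be a JSON array of node type strings")
    return parsed


def with_chat_trigger_excluded(value):
    """Return a NODES_EXCLUDE value that also excludes the Chat Trigger node.

    Existing exclusions are preserved and the node is added only once, so
    re-running this on an already-hardened configuration is a no-op.
    """
    nodes = parse_nodes_exclude(value)
    if CHAT_TRIGGER not in nodes:
        nodes.append(CHAT_TRIGGER)
    return json.dumps(nodes)


def chat_trigger_is_excluded(value):
    """Check for a deployment: True only if the workaround is really in place."""
    try:
        return CHAT_TRIGGER in parse_nodes_exclude(value)
    except ValueError:
        return False


if __name__ == "__main__":
    # Print the value to put in the n8n environment, merged with the current one.
    current = os.environ.get("NODES_EXCLUDE")  # sample: unset in a fresh shell
    print("NODES_EXCLUDE=" + with_chat_trigger_excluded(current))
```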
Vulnerability Details
EPSS: 0.0%
Related Issues
CVE-2026-34371: LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the e
CVE-2024-27444: langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-
Original source: https://github.com/advisories/GHSA-42h7-m79w-wvg5
First tracked: June 16, 2026 at 08:00 PM