CVE-2026-44792: n8n Has a Source Control Pull SQL Injection
An attacker with write access to the git repository connected to an n8n Source Control configuration could commit a malicious Data Table JSON file containing a crafted column name. When an administrator performed a Source Control Pull, n8n imported the file, which could lead to SQL injection on the internal PostgreSQL instance.
Exploitation requires all of the following conditions:
- The n8n instance uses PostgreSQL as its database backend.
- The Source Control feature is enabled and connected to a repository the attacker can write to.
- An administrator triggers a Source Control Pull.
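
A review check a defender could run over the connected repository's checkout before an administrator pulls, added here as an example and not taken from n8n's code. The JSON shape (`columns[].name`), the file paths and all function names are assumptions made for illustration.

```javascript
// ASSUMPTION: each Data Table definition is JSON shaped like
// { name, columns: [{ name, type }] }. This shape is constructed for the example.
// Allowlist: letter/underscore first, then letters, digits, underscore; at most
// 63 bytes, PostgreSQL's default identifier length limit.
const SAFE_IDENTIFIER = /^[A-Za-z_][A-Za-z0-9_]{0,62}$/;

// Defence in depth for code that builds DDL from a name: PostgreSQL identifier
// quoting (wrap in double quotes, double any embedded double quote, reject NUL).
function quoteIdent(name) {
  if (typeof name !== 'string' || name.length === 0 || name.includes('\0')) {
    throw new Error('invalid identifier');
  }
  return '"' + name.replace(/"/g, '""') + '"';
}

// Returns findings for one parsed definition; an empty list means clean.
function auditDataTable(file, def) {
  const columns = def && Array.isArray(def.columns) ? def.columns : null;
  if (!columns) return [{ file, reason: 'missing or non-array "columns"' }];
  const findings = [];
  columns.forEach((col, i) => {
    const name = col && col.name;
    if (typeof name !== 'string') {
      findings.push({ file, column: i, reason: 'column name is not a string' });
    } else if (!SAFE_IDENTIFIER.test(name)) {
      findings.push({ file, column: i, reason: 'column name outside allowlist', name });
    }
  });
  return findings;
}

// Audits a map of path -> JSON text, e.g. files read from the checkout.
function auditRepoFiles(files) {
  const findings = [];
  for (const [file, text] of Object.entries(files)) {
    let def;
    try { def = JSON.parse(text); }
    catch (e) { findings.push({ file, reason: 'invalid JSON' }); continue; }
    findings.push(...auditDataTable(file, def));
  }
  return findings;
}

// Constructed sample input: one conforming file, one with a non-conforming name.
const SAMPLE = {
  'data_tables/orders.json': JSON.stringify({ name: 'orders', columns: [{ name: 'order_id', type: 'number' }] }),
  'data_tables/odd.json': JSON.stringify({ name: 'odd', columns: [{ name: 'unit "price"', type: 'string' }] }),
};
```

Any finding from `auditRepoFiles` is a reason to inspect the commit that introduced the file before pulling.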