CVE-2026-25055: n8n Vulnerable to Arbitrary File Write on Remote Systems via SSH Node
When workflows process uploaded files and transfer them to remote servers via the SSH node without validating their metadata, the vulnerability can lead to files being written to unintended locations on those remote systems, potentially leading to remote code execution on those systems.
As a prerequisite, an unauthenticated attacker needs to know that such workflows exist, and the endpoints for file uploads need to be unauthenticated.
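For workflow authors, the missing validation can be applied before the file reaches the SSH node. The following is an added example, not n8n's code and not the upstream patch. It assumes the untrusted metadata is the client-supplied file name and that the remote host uses POSIX paths; `safeRemotePath`, `triageUploads` and the sample names are hypothetical.

```javascript
// Added example (not n8n code). Assumption: the untrusted metadata is the
// client-supplied file name and the remote host uses POSIX paths.

// Allow-list for a single path component: no separators, no leading dot,
// no whitespace or shell metacharacters, at most 128 characters.
const SAFE_NAME = /^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$/;

// Returns the absolute remote path for an upload, or throws if the
// name could place the file outside remoteDir.
function safeRemotePath(remoteDir, uploadedName) {
  if (typeof remoteDir !== 'string' || !remoteDir.startsWith('/')) {
    throw new Error('upload directory must be an absolute path');
  }
  // Collapse empty and "." segments; refuse ".." in the configured directory.
  const segments = remoteDir.split('/').filter((s) => s !== '' && s !== '.');
  if (segments.includes('..')) {
    throw new Error('upload directory must not contain ".."');
  }
  // Reject rather than silently rewrite, so the attempt is visible in logs.
  if (typeof uploadedName !== 'string' || !SAFE_NAME.test(uploadedName)) {
    throw new Error('file name rejected by allow-list');
  }
  return '/' + segments.concat(uploadedName).join('/');
}

// Splits a batch of uploaded names into safe remote paths and rejections.
function triageUploads(remoteDir, names) {
  const accepted = [];
  const rejected = [];
  for (const name of names) {
    try {
      accepted.push(safeRemotePath(remoteDir, name));
    } catch (err) {
      rejected.push({ name, reason: err.message });
    }
  }
  return { accepted, rejected };
}

// Constructed sample file names, as an upload endpoint might receive them.
const SAMPLE_NAMES = [
  'report-2026.pdf', '../../etc/cron.d/job', '/root/.ssh/authorized_keys',
  'a\\..\\b.txt', '.bashrc', 'name with space.txt', '',
];

console.log(triageUploads('/srv/uploads/', SAMPLE_NAMES));
```

The same check belongs in any workflow that builds a remote path from upload metadata, alongside authentication on the upload endpoint itself.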
References
- github.com/advisories/GHSA-m82q-59gv-mcr9
- github.com/n8n-io/n8n
- github.com/n8n-io/n8n/commit/528ad6b982d0519ec170e172f57b7fdbbe175230
- github.com/n8n-io/n8n/commit/e0baf48c6a54808f6dbca8cb352bfa306092c223
- github.com/n8n-io/n8n/security/advisories/GHSA-m82q-59gv-mcr9
- nvd.nist.gov/vuln/detail/CVE-2026-25055