n8n before 2.28.1 contains an information disclosure vulnerability where external secrets are incorrectly resolved in workflow node expressions outside credentials scope. Authenticated project editors can read plaintext external secret values by referencing them in node expressions without requiring explicit secrets access permissions.
History

Wed, 15 Jul 2026 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 15 Jul 2026 12:00:00 +0000

Type Values Removed Values Added
Description n8n before 2.28.1 contains an information disclosure vulnerability where external secrets are incorrectly resolved in workflow node expressions outside credentials scope. Authenticated project editors can read plaintext external secret values by referencing them in node expressions without requiring explicit secrets access permissions.
Title n8n - External Secrets Disclosure via Workflow Node Expressions
First Time appeared N8n
N8n n8n
Weaknesses CWE-639
CPEs cpe:2.3:a:n8n:n8n:*:*:*:*:enterprise:node.js:*:*
Vendors & Products N8n
N8n n8n
References
Metrics cvssV4_0

{'score': 6.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-07-15T13:25:43.797Z

Reserved: 2026-07-04T12:17:14.301Z

Link: CVE-2026-59254

cve-icon Vulnrichment

Updated: 2026-07-15T13:20:06.805Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.