CVE-2025-55526

n8n-workflows Main Commit ee25413 allows attackers to execute a directory traversal via the download_workflow function within api_server.py

CVSS v3 9.1 CRITICAL

9.1^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/Zie619/n8n-workflows/issues/48	Exploit Issue Tracking

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:n8n:fastapi:0.115.14:::::::*
	cpe:2.3:a:n8n:pydantic:2.11.7:::::::*
	cpe:2.3:a:n8n:uvicorn:0.35.0:::::::*

cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:*:*

History

15 Sep 2025, 19:38

Type	Values Removed	Values Added
CPE		cpe:2.3:a:n8n:uvicorn:0.35.0:::::::* cpe:2.3:a:n8n:pydantic:2.11.7:::::::* cpe:2.3:a:n8n:fastapi:0.115.14:::::::* cpe:2.3:o:microsoft:windows_11:-:::::::*
References	~~() https://github.com/Zie619/n8n-workflows/issues/48 -~~	() https://github.com/Zie619/n8n-workflows/issues/48 - Exploit, Issue Tracking
First Time		Microsoft N8n fastapi N8n pydantic Microsoft windows 11 N8n uvicorn N8n

27 Aug 2025, 15:15

Type	Values Removed	Values Added
CWE		CWE-22
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.1
Summary		(es) El commit principal ee25413 de n8n-workflows permite a los atacantes ejecutar directory traversal através de la función download_workflow dentro de api_server.py

26 Aug 2025, 14:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-26 14:15

Updated : 2025-09-15 19:38

NVD link : CVE-2025-55526

Mitre link : CVE-2025-55526

CVE.ORG link : CVE-2025-55526

JSON object : View

Products Affected

n8n

fastapi
pydantic
uvicorn

microsoft

windows_11

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

9.1 /10