CVE-2026-44790
CLI Flag Injection vulnerability in n8n (npm)

What is CVE-2026-44790 About?

This vulnerability enables an authenticated user to inject CLI flags into the Git node's Push operation, allowing arbitrary file reads. This can potentially lead to a full system compromise, and its exploitation is relatively straightforward for an authenticated attacker.

Affected Software

  • n8n
    • <1.123.43
    • >=2.21.0, <2.22.1
    • >=2.0.0-rc.0, <2.20.7

Technical Details

An authenticated user with workflow creation or modification privileges can inject malicious CLI flags into the Git node's Push operation. By manipulating the input processed by the Git node, the attacker can cause the underlying Git command to execute with parameters that allow reading arbitrary files from the n8n server's file system. This unauthorized file access can expose sensitive configuration, source code, or credentials, which could then be used to escalate privileges and achieve full compromise of the n8n instance.
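The option-injection pattern described above can be shown on a `git push` argument list; this is an added example, not n8n's code or its patch. The helper names, the choice of `remote` and `branch` as the user-controlled fields, and the sample value are assumptions made for illustration, since the advisory does not say which parameter is affected.

```javascript
// Added illustration: helper names are hypothetical and this is not n8n's code.

// Naive form: workflow-supplied strings go straight into git's argv, so a
// value beginning with "-" is parsed as an option, not as a remote or branch.
function buildPushArgsNaive(remote, branch) {
  return ['push', remote, branch];
}

// Assumption: operands are plain remote and branch names; repository URLs
// would need their own validation.
const SAFE_OPERAND = /^[A-Za-z0-9][A-Za-z0-9._\/-]*$/;

function checkOperand(label, value) {
  if (typeof value !== 'string' || value.length === 0) {
    throw new TypeError(`${label} must be a non-empty string`);
  }
  if (!SAFE_OPERAND.test(value)) {
    throw new Error(`${label} is not a plain name: ${JSON.stringify(value)}`);
  }
  return value;
}

// Hardened form: validate each operand, then place "--" before them so git
// stops option parsing even if a check is later loosened.
function buildPushArgsHardened(remote, branch) {
  return ['push', '--', checkOperand('remote', remote), checkOperand('branch', branch)];
}

// Review aid: list parameter names in a node's settings whose string value
// would be read as a command-line option.
function findOptionLikeParams(params) {
  return Object.entries(params)
    .filter(([, v]) => typeof v === 'string' && v.trimStart().startsWith('-'))
    .map(([name]) => name);
}

// Constructed sample input (not a real payload or a real git option).
const sample = { remote: 'origin', branch: '--constructed-option=value' };
console.log(buildPushArgsNaive(sample.remote, sample.branch));
console.log(findOptionLikeParams(sample));
console.log(buildPushArgsHardened('origin', 'main'));
```

The hardened array is meant to be passed to `child_process.execFile('git', args)` rather than joined into a shell string, so each element reaches git as a single argument.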

What is the Impact of CVE-2026-44790?

Successful exploitation may allow attackers to read arbitrary files from the server, potentially leading to information disclosure, credential theft, and full system compromise.

What is the Exploitability of CVE-2026-44790?

Exploitation requires an authenticated user with permissions to create or modify workflows. The attack is remote, originating from the malicious workflow configuration. The complexity is medium, primarily involving knowledge of Git CLI options and crafting the injection payload within the workflow. No additional user interaction is required beyond an administrator applying the workflow, but understanding the Git node's functionality is a prerequisite. The risk is heightened in environments where workflow creation is broadly permitted.

What are the Known Public Exploits?

No known exploits.

What are the Available Fixes for CVE-2026-44790?

Available Upgrade Options

  • n8n
    • <1.123.43 → Upgrade to 1.123.43
  • n8n
    • >=2.0.0-rc.0, <2.20.7 → Upgrade to 2.20.7
  • n8n
    • >=2.21.0, <2.22.1 → Upgrade to 2.22.1

What are Similar Vulnerabilities to CVE-2026-44790?

Similar Vulnerabilities: CVE-2023-45803, CVE-2021-41277, CVE-2022-21703, CVE-2022-0738, CVE-2023-38887