CVE-2026-44694
Severity: CRITICAL (CVSS 9.1)
WAF coverage: Medium
Published: 2026-05-08
CWE-918
n8n-MCP is an MCP server that gives AI assistants access to n8n node documentation, properties, and operations. Versions from 2.18.7 up to, but not including, 2.50.2 contain an authenticated server-side request forgery (SSRF) vulnerability affecting the webhook trigger tools, the n8n API client (N8N_API_URL), and per-request URLs supplied via the x-n8n-url header in multi-tenant HTTP mode. The issue is patched in version 2.50.2.
WAF Coverage Analysis
Server-Side Request Forgery (SSRF)
Medium WAF Coverage
OWASP: A10:2021 SSRF
934xxx - Node.js / Generic Injection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| n8n-mcp | n8n-mcp | 2.18.7 to before 2.50.2 |
References
- github.com (Patch)
- github.com (Product, Release Notes)
- github.com (Mitigation, Vendor Advisory)