CVE-2026-42235
n8n Vulnerable to XSS via MCP OAuth client
Description
## Impact An unauthenticated attacker could register a malicious MCP OAuth client with a crafted `client_name`. If a victim user authorized the OAuth consent dialog and a second user subsequently revoked that access, a toast notification would render the injected script. Clicking the link would execute arbitrary JavaScript in the victim's authenticated n8n browser session, enabling credential and session token theft, workflow manipulation, or privilege escalation. ## Patches This issue has been fixed in n8n version 2.14.2. Users should upgrade to this version or later to remediate the vulnerability. ## Workarounds If upgrading is not immediately possible, administrators should consider the following temporary mitigations: - Restrict access to the n8n instance and the MCP OAuth registration endpoint to trusted users only. - Disable MCP server functionality if it is not actively required. These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.
How to fix CVE-2026-42235
To remediate CVE-2026-42235, upgrade the affected package to a fixed version below.
- —upgrade to 1.123.32 or later
Is CVE-2026-42235 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.123.32
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L |
| osv | CVSS 3.1 | HIGH8.2 | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L |