CVE-2026-44789 Overview
CVE-2026-44789 is a prototype pollution vulnerability in n8n, an open source workflow automation platform. The flaw exists in the HTTP Request node, where an unvalidated pagination parameter allows authenticated users to pollute the global JavaScript prototype chain. Any user with permission to create or modify workflows can trigger the vulnerability.
When combined with other techniques, prototype pollution can lead to remote code execution on the n8n instance. The vulnerability affects all versions prior to 1.123.43, 2.22.1, and 2.20.7. The issue is tracked under CWE-1321 as Improperly Controlled Modification of Object Prototype Attributes.
Critical Impact
Authenticated users with workflow creation privileges can pollute global prototypes and potentially achieve remote code execution on the n8n instance.
Affected Products
- n8n versions prior to 1.123.43
- n8n versions prior to 2.22.1
- n8n versions prior to 2.20.7
Discovery Timeline
- 2026-06-23 - CVE-2026-44789 published to NVD
- 2026-06-24 - Last updated in NVD database
Technical Details for CVE-2026-44789
Vulnerability Analysis
The vulnerability resides in the HTTP Request node of n8n, a core component used to make outbound HTTP calls within automated workflows. The pagination parameter passed to this node is not properly validated before being merged into JavaScript objects. This allows attacker-controlled keys such as __proto__, constructor, or prototype to modify the base Object prototype.
Once the global prototype is polluted, every object in the Node.js runtime inherits the injected properties. This behavior creates the foundation for subsequent attack chains. Adversaries can combine prototype pollution with gadgets in n8n or its dependencies to escalate from authenticated workflow access to full remote code execution.
Root Cause
The root cause is improper input validation on the pagination parameter consumed by the HTTP Request node. Object merge operations recursively assign user-supplied keys without filtering reserved prototype properties. The lack of an allowlist or sanitization step on parameter names allows pollution of Object.prototype at runtime.
Attack Vector
Exploitation requires network access to the n8n web interface and authenticated credentials with workflow edit permissions. The attacker constructs a workflow that uses the HTTP Request node with a crafted pagination parameter containing prototype-polluting keys. Triggering the workflow injects properties into Object.prototype, affecting subsequent operations across the entire Node.js process.
No verified public proof-of-concept code is available. Refer to the GitHub Security Advisory GHSA-c8xv-5998-g76h for vendor-provided technical details.
Detection Methods for CVE-2026-44789
Indicators of Compromise
- Workflow definitions containing pagination parameter keys such as __proto__, constructor, or prototype
- Unexpected modifications to existing workflows by accounts with minimal historical activity
- Anomalous outbound HTTP requests originating from the n8n process following workflow edits
- Node.js process crashes or unusual behavior after workflow execution
Detection Strategies
- Audit workflow JSON exports for prototype-polluting key names in HTTP Request node configurations
- Monitor n8n audit logs for workflow creation or modification events from non-administrative users
- Inspect HTTP Request node parameters in stored workflow definitions for suspicious nested keys
- Correlate authenticated user activity with deviations in n8n runtime behavior
Monitoring Recommendations
- Enable verbose logging on the n8n instance and forward logs to a centralized analytics platform
- Track process spawn events from the n8n Node.js runtime for unexpected child processes
- Alert on workflow imports containing the strings __proto__ or prototype in parameter fields
- Review user role assignments to identify accounts with workflow modification permissions
How to Mitigate CVE-2026-44789
Immediate Actions Required
- Upgrade n8n to version 1.123.43, 2.22.1, or 2.20.7 depending on your release branch
- Audit existing workflows for malicious pagination parameters in HTTP Request nodes
- Review user accounts with workflow creation or edit permissions and revoke unnecessary access
- Rotate any credentials or API keys stored within n8n if compromise is suspected
Patch Information
The vendor has released fixed versions 1.123.43, 2.22.1, and 2.20.7. Patch details and version-specific guidance are documented in the n8n GitHub Security Advisory GHSA-c8xv-5998-g76h.
Workarounds
- Restrict workflow creation and modification permissions to trusted administrators only
- Place the n8n management interface behind a VPN or network-level access control
- Disable or restrict use of the HTTP Request node where feasible until patches are applied
- Monitor and review all workflow changes through code review processes before activation
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

