216.73.217.64

CVE-2025-52554

· Published 03/07/2025 20:15 · Modified 03/07/2025 20:15

Labels: CVE-2025-52554 2025-07-03CVE-2025-52554CWE-862[email protected]

Essential information

Published
03/07/2025 20:15
Modified
03/07/2025 20:15
Author
Creator
CVSS
4.9 MEDIUM (v3) 4.9 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

n8n is a workflow automation platform. Prior to version 1.99.1, an authorization vulnerability was discovered in the /rest/executions/:id/stop endpoint of n8n. An authenticated user can stop workflow executions that they do not own or that have not been shared with them, leading to potential business disruption. This issue has been patched in version 1.99.1. A workaround involves restricting access to the /rest/executions/:id/stop endpoint via reverse proxy or API gateway.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
n8n / n8n cpe:2.3:a:n8n:n8n:<1.99.1:*:*:*:*:*:*:*

References