Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Wed, 08 Jul 2026 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization bypass in the POST /workflows/{workflowId}/test-runs/new endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a workflow can trigger a real evaluation test run, causing the workflow to execute via the internal workflow runner and resulting in unintended outbound API calls, data mutations, or other side effects in connected downstream systems. The issue primarily affects instances using the Evaluations feature where RBAC project roles grant workflow:read without workflow:execute. | |
| Title | n8n - Incorrect OAuth Scope Validation in Workflow Test Run Endpoint | |
| First Time appeared |
N8n
N8n n8n |
|
| Weaknesses | CWE-863 | |
| CPEs | cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:* | |
| Vendors & Products |
N8n
N8n n8n |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: VulnCheck
Published:
Updated: 2026-07-08T13:49:06.971Z
Reserved: 2026-06-23T01:22:22.571Z
Link: CVE-2026-56776
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-08T16:15:04Z