n8n: Open Redirect in MCP OAuth Consent Flow_CVE-2026-42230

5.1 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

Description

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /mcp-oauth/register endpoint accepted OAuth client registrations without authentication, allowing arbitrary redirect_uri values to be registered. When a user denies the MCP OAuth consent dialog, the handleDeny handler redirects the user to the registered redirect_uri without validation, enabling an open redirect to an attacker-controlled URL. An attacker can craft a phishing link and send it to a victim; if the victim clicks "Deny" on the consent page, they are silently redirected to an external site. This issue has been patched in versions 1.123.32, 2.17.4, and 2.18.1.

Basic Information

ID CVE-2026-42230

Source GitHub_M

Published May 4, 2026 at 18:28

Affected Product

Vendor n8n-io

Product n8n

Version < 1.123.32

Affected Versions n8n-io n8n < 1.123.32
n8n-io n8n >= 2.17.0, < 2.17.4
n8n-io n8n >= 2.18.0, < 2.18.1

CWE Classification

CWE-601

References

github.com /n8n-io/n8n/security/advisories/GHSA-f6x8-65q6-j9m9

{
    "lastseen": "",
    "description": "n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /mcp-oauth/register endpoint accepted OAuth client registrations without authentication, allowing arbitrary redirect_uri values to be registered. When a user denies the MCP OAuth consent dialog, the handleDeny handler redirects the user to the registered redirect_uri without validation, enabling an open redirect to an attacker-controlled URL. An attacker can craft a phishing link and send it to a victim; if the victim clicks \"Deny\" on the consent page, they are silently redirected to an external site. This issue has been patched in versions 1.123.32, 2.17.4, and 2.18.1.",
    "published": "2026-05-04T18:28:43.069Z",
    "modified": "2026-05-04T18:28:43.069Z",
    "type": "cve",
    "title": "n8n: Open Redirect in MCP OAuth Consent Flow",
    "source": "GitHub_M",
    "references": "https://github.com/n8n-io/n8n/security/advisories/GHSA-f6x8-65q6-j9m9",
    "id": "CVE-2026-42230",
    "bulletinFamily": "",
    "cwe": [
        "CWE-601"
    ],
    "cvelist": null,
    "sourceData": "n8n-io n8n < 1.123.32\nn8n-io n8n >= 2.17.0, < 2.17.4\nn8n-io n8n >= 2.18.0, < 2.18.1",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "n8n",
    "version": "< 1.123.32",
    "vendor": "n8n-io",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}