CVE-2026-33720

GHSA-vpgc-2f6g-7w7x MEDIUM

n8n: OAuth state forgery hijacks user credentials

Published March 25, 2026
CISO Take

If your n8n deployment has N8N_SKIP_AUTH_ON_OAUTH_CALLBACK=true, an attacker can social-engineer users into surrendering their OAuth tokens to an attacker-controlled credential object. Upgrade to n8n 2.8.0 immediately and audit all OAuth credentials for unexpected access. The non-default config flag is the gating factor — if you haven't explicitly set it, you are not exposed.

Affected Systems

| Package | Ecosystem | Vulnerable Range | Patched |
|---------|-----------|------------------|---------|
| n8n     | npm       | < 2.8.0          | 2.8.0   |


Severity & Risk

CVSS 3.1: 4.2 / 10
EPSS: 0.0% chance of exploitation in 30 days
KEV Status: Not in KEV
Sophistication: Moderate

Recommended Action

1. PATCH: Upgrade n8n to version 2.8.0 or later immediately.
2. CONFIG: Remove N8N_SKIP_AUTH_ON_OAUTH_CALLBACK=true from all environment configurations and container specs.
3. AUDIT: Review all OAuth credentials in your n8n instance for unexpected creation timestamps or unfamiliar connected accounts.
4. REVOKE: If compromise is suspected, revoke and re-authorize all OAuth connections from the connected service provider side.
5. DETECT: Monitor n8n workflow execution logs for runs attributed to accounts inconsistent with normal operator patterns.
6. ISOLATE: Restrict n8n instance access to fully trusted users only until the patch is applied.
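The exposure check in steps 1 and 2 and the credential review in step 3, as an added TypeScript example that is not n8n's own code. It runs over constructed records; the credential field names (`ownerUserId`, `connectedAccount`, `authorizedAt`) and the user roster are assumptions for the example, and the optional exposure window is whatever period your own change history shows the flag was set.

```typescript
// Added example, not n8n's code: the configuration check and credential audit
// from the recommended actions, over constructed records.

// Exposure needs BOTH an unpatched version (< 2.8.0) and the non-default flag.
// Prerelease suffixes are not handled; this is a plain major.minor comparison.
function isExposed(version: string, env: Record<string, string | undefined>): boolean {
  const [major = 0, minor = 0] = version.replace(/^v/, "").split(".").map(Number);
  const unpatched = major < 2 || (major === 2 && minor < 8);
  return unpatched && env["N8N_SKIP_AUTH_ON_OAUTH_CALLBACK"] === "true";
}

// Assumed record shapes for the audit (not n8n's schema).
interface OAuthCredentialRecord {
  id: string;
  ownerUserId: string;      // n8n user who owns the credential object
  connectedAccount: string; // account identity the provider reported after consent
  authorizedAt: string;     // ISO-8601 UTC timestamp of the last completed OAuth flow
}
interface N8nUser { id: string; email: string; }
interface Finding { credentialId: string; reason: string; }

// Flags credentials whose connected account belongs to a different n8n user
// than the credential owner (the outcome of the forgery), or to nobody on the
// roster (an unfamiliar account), or that were authorized while the vulnerable
// configuration is known to have been active. Timestamps are compared as
// strings, which is only valid because all are ISO-8601 in UTC ("Z").
function auditOAuthCredentials(
  creds: OAuthCredentialRecord[],
  users: N8nUser[],
  exposureWindow?: { from: string; to: string },
): Finding[] {
  const ownerByEmail = new Map<string, string>(
    users.map(u => [u.email.toLowerCase(), u.id] as [string, string]),
  );
  const findings: Finding[] = [];
  for (const c of creds) {
    const accountOwner = ownerByEmail.get(c.connectedAccount.toLowerCase());
    if (accountOwner === undefined) {
      findings.push({ credentialId: c.id, reason: `connected account ${c.connectedAccount} matches no known user` });
    } else if (accountOwner !== c.ownerUserId) {
      findings.push({ credentialId: c.id, reason: `connected account belongs to ${accountOwner} but credential is owned by ${c.ownerUserId}` });
    }
    if (exposureWindow && c.authorizedAt >= exposureWindow.from && c.authorizedAt <= exposureWindow.to) {
      findings.push({ credentialId: c.id, reason: `authorized during exposure window (${c.authorizedAt})` });
    }
  }
  return findings;
}

// Constructed sample data: one clean credential, one holding another user's
// account (the forgery outcome), one connected to an account nobody owns.
function sampleAudit(): Finding[] {
  const users: N8nUser[] = [
    { id: "u-alice", email: "alice@example.com" },
    { id: "u-bob", email: "bob@example.com" },
  ];
  const creds: OAuthCredentialRecord[] = [
    { id: "c1", ownerUserId: "u-alice", connectedAccount: "alice@example.com", authorizedAt: "2026-03-01T10:00:00Z" },
    { id: "c2", ownerUserId: "u-bob", connectedAccount: "alice@example.com", authorizedAt: "2026-03-20T09:30:00Z" },
    { id: "c3", ownerUserId: "u-bob", connectedAccount: "someone@unknown.invalid", authorizedAt: "2026-02-01T08:00:00Z" },
  ];
  return auditOAuthCredentials(creds, users, { from: "2026-03-10T00:00:00Z", to: "2026-03-25T00:00:00Z" });
}
```

Read `isExposed` from the running container's environment and `n8n --version`, not from a checked-in compose file alone; the flag is often injected by an orchestrator. A finding from the audit is a reason to revoke at the provider side (step 4), since revoking only the n8n credential leaves the provider-side grant alive.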

Classification

Compliance Impact

This CVE is relevant to:

EU AI Act: Article 15 - Accuracy, Robustness and Cybersecurity
ISO 42001: A.6.2 - AI System Operation and Access Controls
NIST AI RMF: GOVERN 6.1 - Policies and Procedures for AI Risk Management
OWASP LLM Top 10: LLM06 - Excessive Agency

Technical Details

NVD Description

n8n is an open source workflow automation platform. Prior to version 2.8.0, when the `N8N_SKIP_AUTH_ON_OAUTH_CALLBACK` environment variable is set to `true`, the OAuth callback handler skips ownership verification of the OAuth state parameter. This allows an attacker to trick a victim into completing an OAuth flow against a credential object the attacker controls, causing the victim's OAuth tokens to be stored in the attacker's credential. The attacker can then use those tokens to execute workflows in their name.

This issue only affects instances where `N8N_SKIP_AUTH_ON_OAUTH_CALLBACK=true` is explicitly configured (non-default). The issue has been fixed in n8n version 2.8.0. Users should upgrade to this version or later to remediate the vulnerability.

If upgrading is not immediately possible, administrators should consider the following temporary mitigations: avoid enabling `N8N_SKIP_AUTH_ON_OAUTH_CALLBACK=true` unless strictly required, and/or restrict access to the n8n instance to fully trusted users only. These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.

Exploitation Scenario

An attacker discovers a corporate n8n instance running with N8N_SKIP_AUTH_ON_OAUTH_CALLBACK=true (common in SSO-integrated deployments where teams disable auth on the callback to avoid redirect loop issues). The attacker creates a credential object in n8n under their account and crafts a phishing email to a legitimate n8n operator — such as a data engineer whose workflows connect Google Drive and an OpenAI integration. The email contains a link initiating an OAuth flow where the state parameter references the attacker's credential object. The victim completes the OAuth consent screen believing they are re-authorizing their own integration. Their Google OAuth tokens are silently stored in the attacker's credential. The attacker then executes workflows using the victim's identity, exfiltrating documents from connected storage, abusing LLM API quota, or pivoting to other systems accessible via the stolen tokens.
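The mechanism in the NVD description and the scenario above, as an added TypeScript model that is not n8n's code and makes no claim about how the 2.8.0 fix is implemented. It contrasts a callback that, with auth skipped, accepts any validly signed state (so tokens land in whatever credential the state names) with a hardened callback that binds each state to the browser that started the flow via a nonce cookie (the standard OAuth CSRF mitigation) and, when a session exists, requires the session user to own the credential. The in-memory stores, the `beginOAuth`/`callback*` names and the signing key are assumptions for the example.

```typescript
// Added example, not n8n's code: a minimal OAuth2 callback model showing what
// skipping ownership verification of the state parameter means, beside a
// hardened callback. Store and function names are assumptions for the example.
import { createHmac, randomBytes, timingSafeEqual } from "crypto";

interface Credential { id: string; ownerUserId: string; accessToken?: string; }
interface StatePayload { credentialId: string; userId: string; nonce: string; }
type Outcome = "stored" | "rejected";

const SIGNING_KEY = "constructed-example-secret"; // constructed for the demo only

// Starting a flow: the state carries the credential id, the initiating user and
// a nonce, HMAC-signed so it cannot be edited. The same nonce is returned for
// an HttpOnly cookie set only in the initiating browser.
function beginOAuth(credentialId: string, userId: string): { state: string; cookie: string } {
  const nonce = randomBytes(16).toString("hex");
  const body = Buffer.from(JSON.stringify({ credentialId, userId, nonce })).toString("hex");
  const mac = createHmac("sha256", SIGNING_KEY).update(body).digest("hex");
  return { state: `${body}.${mac}`, cookie: nonce };
}

// Verifies the signature and decodes the payload; null on any tampering.
function parseState(state: string): StatePayload | null {
  const parts = state.split(".");
  if (parts.length !== 2) return null;
  const [body, mac] = parts;
  const expected = createHmac("sha256", SIGNING_KEY).update(body).digest();
  const given = Buffer.from(mac, "hex");
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
  return JSON.parse(Buffer.from(body, "hex").toString("utf8")) as StatePayload;
}

// Vulnerable shape: with auth skipped on the callback, a valid signature is the
// only check, so the token is stored in whatever credential the state names,
// regardless of who actually completed the consent screen.
function callbackSkippingAuth(state: string, token: string, creds: Map<string, Credential>): Outcome {
  const st = parseState(state);
  const cred = st && creds.get(st.credentialId);
  if (!cred) return "rejected";
  cred.accessToken = token;
  return "stored";
}

// Hardened shape: the state nonce must match the cookie presented by the browser
// finishing the flow, the initiating user must own the credential, and when a
// session exists its user must be that owner. A victim who followed someone
// else's link has no matching cookie, so the flow is rejected.
function callbackHardened(
  state: string,
  token: string,
  stateCookie: string | undefined,
  sessionUserId: string | undefined,
  creds: Map<string, Credential>,
): Outcome {
  const st = parseState(state);
  const cred = st && creds.get(st.credentialId);
  if (!st || !cred) return "rejected";
  if (!stateCookie || stateCookie !== st.nonce) return "rejected";
  if (st.userId !== cred.ownerUserId) return "rejected";
  if (sessionUserId !== undefined && sessionUserId !== cred.ownerUserId) return "rejected";
  cred.accessToken = token;
  return "stored";
}

// Replays the advisory's scenario against both handlers with constructed data.
function runScenario(): { skipAuth: Outcome; hardened: Outcome; legitimate: Outcome; leakedTo?: string } {
  const creds = new Map<string, Credential>([
    ["cred-attacker", { id: "cred-attacker", ownerUserId: "attacker" }],
    ["cred-victim", { id: "cred-victim", ownerUserId: "victim" }],
  ]);
  // A flow started for the attacker's own credential; the link is passed on.
  const lure = beginOAuth("cred-attacker", "attacker");
  const victimToken = "constructed-victim-token";
  // The victim's browser holds no cookie for that flow and has no session.
  const skipAuth = callbackSkippingAuth(lure.state, victimToken, creds);
  const leakedTo = creds.get("cred-attacker")!.accessToken === victimToken ? "attacker" : undefined;
  creds.get("cred-attacker")!.accessToken = undefined;
  const hardened = callbackHardened(lure.state, victimToken, undefined, undefined, creds);
  // Legitimate re-authorization by the credential owner still succeeds.
  const own = beginOAuth("cred-victim", "victim");
  const legitimate = callbackHardened(own.state, victimToken, own.cookie, "victim", creds);
  return { skipAuth, hardened, legitimate, leakedTo };
}
```

The point of the cookie binding is that it works even where a deployment has a real reason to skip session auth on the callback (the SSO redirect-loop case the scenario mentions): ownership is proven by the browser that initiated the flow rather than by a session at callback time. Signing the state alone is not enough, since the attacker's state is genuinely signed for the attacker's own credential.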

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

Timeline

Published: March 25, 2026
Last Modified: March 27, 2026
First Seen: March 25, 2026