CVE-2026-42230 — MEDIUM (CVSS 4.7) AI Security Vulnerability

Q: What is CVE-2026-42230?

n8n has Open Redirect in MCP OAuth Consent Flow

Q: Is CVE-2026-42230 actively exploited?

No confirmed active exploitation of CVE-2026-42230 has been reported, but organizations should still patch proactively.

Q: How to fix CVE-2026-42230?

Update to patched version: n8n 1.123.32.

Q: What is the CVSS score for CVE-2026-42230?

CVE-2026-42230 has a CVSS v3.1 base score of 4.7 (MEDIUM).

## Impact The `/mcp-oauth/register` endpoint accepted OAuth client registrations without authentication, allowing arbitrary `redirect_uri` values to be registered. When a user denies the MCP OAuth consent dialog, the `handleDeny` handler redirects the user to the registered `redirect_uri` without...

Full CISO analysis pending enrichment.

Affected Systems

Package	Ecosystem	Vulnerable Range	Patched
n8n	npm	< 1.123.32	`1.123.32`
185.6K OpenSSF 6.0 16 dependents Pushed 4d ago 38% patched ~1d to patch Full package profile →

Do you use n8n? You're affected.

Severity & Risk

CVSS 3.1

4.7 / 10

EPSS

N/A

Exploitation Status

No known exploitation

Sophistication

N/A

Attack Surface

AV Network

AC Low

PR None

UI Required

S Changed

C Low

I None

A None

Recommended Action

Patch available

Update n8n to version 1.123.32

Compliance Impact

Compliance analysis pending. Sign in for full compliance mapping when available.

Frequently Asked Questions

What is CVE-2026-42230?

n8n has Open Redirect in MCP OAuth Consent Flow

Is CVE-2026-42230 actively exploited?

No confirmed active exploitation of CVE-2026-42230 has been reported, but organizations should still patch proactively.

How to fix CVE-2026-42230?

Update to patched version: n8n 1.123.32.

What is the CVSS score for CVE-2026-42230?

CVE-2026-42230 has a CVSS v3.1 base score of 4.7 (MEDIUM).

Technical Details

NVD Description

## Impact The `/mcp-oauth/register` endpoint accepted OAuth client registrations without authentication, allowing arbitrary `redirect_uri` values to be registered. When a user denies the MCP OAuth consent dialog, the `handleDeny` handler redirects the user to the registered `redirect_uri` without validation, enabling an open redirect to an attacker-controlled URL. An attacker can craft a phishing link and send it to a victim; if the victim clicks "Deny" on the consent page, they are silently redirected to an external site. ## Patches The issue has been fixed in n8n versions 1.123.32, 2.17.4, and 2.18.1. Users should upgrade to one of these versions or later to remediate the vulnerability. ## Workarounds If upgrading is not immediately possible, administrators should consider the following temporary mitigations: - Restrict network access to the n8n instance to prevent untrusted users from reaching the MCP OAuth endpoints. - Limit access to the n8n instance to fully trusted users only. These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.