
CVE-2026-42235: n8n Vulnerable to XSS via MCP OAuth client


📋 Vulnerability Details

CVE ID: CVE-2026-42235
Vendor: npm
Affected Product: n8n
Vulnerability Type: Vulnerability
CVSS Score: 8.2 (HIGH)
Actively Exploited: No known exploitation
Patch Status: See vendor advisory
Reported By: CYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories)

🔬 Technical Analysis

Impact

An unauthenticated attacker could register a malicious MCP OAuth client with a crafted client_name. If a victim user authorized the OAuth consent dialog and a second user subsequently revoked that access, a toast notification would render the injected script. Clicking the link would execute arbitrary JavaScript in the victim's authenticated n8n browser session, enabling credential and session token theft, workflow manipulation, or privilege escalation.
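The bug class above, as an added illustration that is not n8n's own code: a self-chosen OAuth client_name from dynamic client registration is later rendered in a toast shown to a different user. The function names, the sample registration value and the allow-list regex are assumptions made for this example; the point is output encoding at the render boundary, with registration-time validation only as defence in depth.

```javascript
// Added example (not n8n's code). Models the page's bug class: an OAuth
// client's self-supplied client_name is rendered in a revoke toast that a
// second user sees. Function names are assumptions for illustration.

// Constructed sample client_name containing markup (inert script body).
const SAMPLE_CLIENT_NAME = 'Reporting bot <script>/* injected */</script>';

// Minimal HTML entity encoder, safe for text nodes and quoted attributes.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  })[ch]);
}

// Vulnerable pattern: the untrusted name is interpolated straight into markup
// destined for innerHTML. Shown only to contrast with the hardened version.
function renderRevokeToastUnsafe(clientName) {
  return `<div class="toast">Access for ${clientName} was revoked. ` +
         `<a href="/settings/oauth">Manage clients</a></div>`;
}

// Hardened pattern: encode at the output boundary, every time the value is
// placed into HTML. This is the layer that actually removes the XSS.
function renderRevokeToastSafe(clientName) {
  return `<div class="toast">Access for ${escapeHtml(clientName)} was revoked. ` +
         `<a href="/settings/oauth">Manage clients</a></div>`;
}

// Defence in depth at registration time (assumed policy): allow only letters,
// digits, spaces and a few punctuation marks, and bound the length. Not a
// substitute for output encoding, since the name may reach other sinks.
const CLIENT_NAME_RE = /^[\p{L}\p{N} .,_()-]{1,100}$/u;
function validateClientName(name) {
  return typeof name === 'string' && CLIENT_NAME_RE.test(name);
}
```

A useful regression check is to render the constructed name through the toast path and assert that the raw `<script>` tag never reaches the markup.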

Patches

This issue has been fixed in n8n version 2.14.2. Users should upgrade to this version or later to remediate the vulnerability.

Workarounds

If upgrading is not immediately possible, administrators should consider the following temporary mitigations:

• Restrict access to the n8n instance and the MCP OAuth registration
