CVE-2023-27564

HIGH

N8n < 0.216.1 - Exposure to Wrong Actor

Title source: rule

Description

The n8n package 0.218.0 for Node.js allows Information Disclosure.

Exploits (1)

nomisec WORKING POC
by david-botelho-mariano · poc
https://github.com/david-botelho-mariano/exploit-CVE-2023-27564

References (3)

Scores

CVSS v3 7.5
EPSS 0.0389
EPSS Percentile 88.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE
CWE-668
Status published

Affected Products (2)

n8n/n8n
npm/n8n < 0.216.1npm

Timeline

Published May 10, 2023
Tracked Since Feb 18, 2026