CVE-2023-27564

HIGH

N8n < 0.216.1 - Exposure to Wrong Actor

Title source: rule

The n8n package 0.218.0 for Node.js allows Information Disclosure.

nomisec WORKING POC

by david-botelho-mariano · poc

CVSS v3 7.5

EPSS 0.0389

EPSS Percentile 88.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

CWE

CWE-668

Status published

Products (2)

n8n/n8n 0.218.0

npm/n8n 0 - 0.216.1npm

Published May 10, 2023

Tracked Since Feb 18, 2026