GHSA-57g9-58c2-xjg3 · Severity: critical · Ecosystem: npm — n8n Has an Arbitrary File Read via Git Node
n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with permission to create or modify workflows could inject CLI flags on the Git node's Push operation allowing an attacker to read arbitrary files from the n8n server potentially leading to full compromise. This vulnerability is fixed in 1.123.43, 2.22.1, and 2.20.7.
Conclusion & alert: CVE-2026-44790 is rated Moderate Risk (53.7/100): CVSS Critical severity, with low exploitation likelihood (EPSS 0.63%). Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-25 | 0.50% | 0.63% | +0.13% |
| 2 | 2026-06-24 | 0.04% | 0.50% | +0.46% |
| 3 | 2026-06-12 | — | 0.04% | — |
Full EPSS history (3 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 9.4 | 4.0 | CRITICAL |
|
— | — | [email protected] |
| 8.8 | 3.1 | HIGH |
|
2.8 | 5.9 | [email protected] |
GHSA-57g9-58c2-xjg3 · Severity: critical · Ecosystem: npm — n8n Has an Arbitrary File Read via Git Node
| URL | Tags |
|---|---|
| https://github.com/n8n-io/n8n/security/advisories/GHSA-57g9-58c2-xjg3 | Mitigation Vendor Advisory |