SCA: security update for n8n-mcp (GHSA-56c3-vfp2-5qqj)

high Tenable Self-Hosted Container Security Plugin ID 441031

Description

There are packages installed that are affected by a vulnerability referenced in the following CVE:

- n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and
operations. In versions 2.47.4 through 2.47.13, the SDK embedder path (N8NDocumentationMCPServer
constructor, getN8nApiClient(), and validateInstanceContext()), the synchronous URL validator in
SSRFProtection.validateUrlSync() had no IPv6 checks. IPv4-mapped IPv6 addresses such as
http://[::ffff:169.254.169.254] bypassed the cloud-metadata, localhost, and private-IP range checks. An
attacker able to supply an n8nApiUrl value could cause the server to issue HTTP requests to cloud metadata
endpoints, RFC1918 private networks, or localhost services. Response bodies are returned to the caller
(non-blind SSRF), and the n8nApiKey is forwarded in the x-n8n-api-key header to the attacker-controlled
target. Projects with deployments embedding n8n-mcp as an SDK using N8NDocumentationMCPServer or
N8NMCPEngine with user-supplied InstanceContext are affected. The first-party HTTP server deployment was
not primarily affected — it has a second async validator (validateWebhookUrl) that catches IPv6 addresses.
This issue has been fixed in version 2.47.14. If users are unable to upgrade immediately as a workaround
they can validate URLs before passing to the SDK, restrict egress at the network layer, and reject user-
controlled n8nApiUrl values. (CVE-2026-42449)

Solution

Update the n8n-mcp library and its related packages to version 2.47.14 or later.

See Also

https://github.com/advisories/GHSA-56c3-vfp2-5qqj

Plugin Details

Severity: High

ID: 441031

Version: Revision 1.8

Type: Local

Family: SCA Checks

Published: 4/30/2026

Updated: 7/2/2026

Supported Sensors: Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Low

Score: 3.9

Percentile: 52.77

Vendor

Vendor Severity: High

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:P/A:N

CVSS Score Source: CVE-2026-42449

CVSS v3

Risk Factor: High

Base Score: 8.5

Temporal Score: 7.4

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Exploit Ease: No known exploits are available

Patch Publication Date: 4/30/2026

Vulnerability Publication Date: 4/30/2026

Reference Information

CVE: CVE-2026-42449

cwe: CWE-918