GHSA-fvfv-ppw4-7h2w

Suggest an improvement
Source
https://github.com/advisories/GHSA-fvfv-ppw4-7h2w
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/02/GHSA-fvfv-ppw4-7h2w/GHSA-fvfv-ppw4-7h2w.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-fvfv-ppw4-7h2w
Published
2026-02-26T22:46:42Z
Modified
2026-02-26T23:18:02.213648Z
Severity
  • 3.7 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
  • 6.3 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N CVSS Calculator
Summary
n8n has a Guardrail Node Bypass
Details

Impact

An end user interacting with a workflow that uses the Guardrail node could craft an input that bypasses the default guardrail instructions.

Patches

The issue has been fixed in n8n version 2.10.0. Users should upgrade to this version or later to remediate the vulnerability.

Workarounds

If upgrading is not immediately possible, administrators should consider the following temporary mitigations: - Limit access to trusted users. - Review asses the practical impact of guardrail bypasses in your usecase and adjust your workflow accordingly.

These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.

Database specific 
{
    "github_reviewed_at": "2026-02-26T22:46:42Z",
    "nvd_published_at": null,
    "cwe_ids": [
        "CWE-20",
        "CWE-693"
    ],
    "severity": "MODERATE",
    "github_reviewed": true
}
References

Affected packages

npm / n8n

Package

Name
n8n
View open source insights on deps.dev
Purl
pkg:npm/n8n

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.10.0

Database specific

source 
"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/02/GHSA-fvfv-ppw4-7h2w/GHSA-fvfv-ppw4-7h2w.json"