socradar.io 7/17/2026, 8:11:08 AM · external

CVE-2026-59208 Flaw Lets Attackers Impersonate n8n Users

CVE-2026-59208 Flaw Lets Attackers Impersonate n8n Users
CyberSIXT Evidence Panel
CVE Intel
CISA KEV Not in KEV
Patch Patch Available

THE article addresses CVE-2026-59208, a vulnerability in n8n Enterprise that allows for cross-issuer impersonation due to improper authentication in token exchanges. The vulnerability arises when a valid token from one issuer can be used to impersonate a user associated with another issuer because the system only verifies the token's subject (sub) without considering the issuer (iss). Affected versions include all n8n versions prior to 2.27.4 and 2.28.0. No evidence of exploitation was found as of July 16, 2026.

Organizations are advised to upgrade immediately, review their token exchange configurations, and temporarily reduce exposure if upgrades cannot be completed promptly. The article emphasizes the need for secure practices in AI and automation systems to prevent such vulnerabilities.

View full article

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline