CVE-2026-56350 - CERT CVE
ID CVE-2026-56350
Sažetak n8n before 2.8.0 contains an authentication bypass vulnerability allowing authenticated SSO users to disable SSO enforcement through the API. Attackers can create local password credentials to authenticate directly, bypassing organizational SSO policies and identity-provider-enforced multi-factor authentication.
Reference
CVSS
Base: 6.3
Impact: 4.0
Exploitability:1.8
Pristup
VektorSloženostAutentikacija
NETWORK HIGH LOW
Impact
PovjerljivostCjelovitostDostupnost
NONE HIGH NONE
CVSS vektor CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N
Zadnje važnije ažuriranje 02-07-2026 - 19:38
Objavljeno 30-06-2026 - 23:17