QwikSec

Security Database

CVE

CWE

Training

CVE-2025-52554

Published: Jul 3, 2025

Modified: Jul 3, 2025

PUBLISHED

Description

n8n is a workflow automation platform. Prior to version 1.99.1, an authorization vulnerability was discovered in the /rest/executions/:id/stop endpoint of n8n. An authenticated user can stop workflow executions that they do not own or that have not been shared with them, leading to potential business disruption. This issue has been patched in version 1.99.1. A workaround involves restricting access to the /rest/executions/:id/stop endpoint via reverse proxy or API gateway.

Vendor	Product	Versions
n8n-io	n8n	affected `< 1.99.1`

Weaknesses (CWE)

References

https://github.com/n8n-io/n8n/security/advisories/GHSA-gq57-v332-7666

x_refsource_CONFIRM

https://github.com/n8n-io/n8n/pull/16405

x_refsource_MISC

https://github.com/dudanogueira/n8n/commit/ca2f90c7fbaa1d661ade2f45d587d9469bc287e1

x_refsource_MISC

https://github.com/n8n-io/n8n/commit/e5edc60e344924230baafb11fa1f0af788e9ca9a

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.