CVE-2026-54309

n8n: n8n MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control Sessions

CVSS 8.8 HIGH
CWE-306
In short

n8n's browser control tool (@n8n/mcp-browser) performs no authentication when run in HTTP transport mode, so any network-reachable client, or any website the user visits, can remotely control the user's browser, including reading cookies and executing scripts. This is serious because an attacker can hijack sessions and steal sensitive data without any password or permission.

Technical detail

CVE-2026-54309 is a missing-authentication flaw (CWE-306) in the HTTP transport layer of @n8n/mcp-browser. An unauthenticated network attacker can call the MCP session initialization and tool invocation endpoints to establish a session and execute browser-control operations (navigation, JavaScript execution, cookie/storage access) against the user's browser profile whenever the AI Browser Bridge extension is active. Exploitation requires the HTTP transport mode (--transport http) and an active browser connection. Versions prior to 2.25.7 and 2.26.2 are affected.

Summary generated and translated by AI from the official description.
n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, when @n8n/mcp-browser is run in HTTP transport mode, the MCP endpoint accepts session initialization and tool invocation requests without any authentication. Any network-reachable client, or any website visited by the user, can establish an MCP session and invoke browser-control tools. Where the n8n AI Browser Bridge extension is installed and a browser connection is active, an unauthenticated caller can access browser-control capabilities including navigation, JavaScript evaluation, and cookie and storage access against the user's real browser profile. This issue only affects instances where @n8n/mcp-browser is run with the HTTP transport (--transport http). This vulnerability is fixed in 2.25.7 and 2.26.2.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
Affected products
n8n-io · n8n
