n8n SecurityScorecard Node API Token Exfiltration Vulnerability
What changed
A vulnerability in the SecurityScorecard node allows an authenticated user with workflow creation/modification permissions to exfiltrate the SecurityScorecard API token by configuring the report download operation to target an attacker-controlled URL.
Who it affects
n8n instances where users have permission to create or modify workflows and have access to a SecurityScorecard credential with limited allowed domains.
What to do today
Upgrade n8n to version 1.123.55, 2.25.7, or 2.26.1 or later. If an immediate upgrade is not possible, limit workflow creation/editing permissions to trusted users and disable the SecurityScorecard node via the NODES_EXCLUDE environment variable.
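While an upgrade is pending, a defender can audit exported workflow JSON for SecurityScorecard report-download nodes that would send the credential anywhere other than the vendor API. The script below is an added example, not part of the advisory or of n8n; the node type string, the resource/operation/url parameter names and the api.securityscorecard.io allowlist host are assumptions, and the workflow export is constructed inline.

```python
import json
from urllib.parse import urlparse

# Assumed identifiers (not taken from the advisory): n8n node type string and
# the parameter names used by the report download operation.
SECURITYSCORECARD_NODE_TYPE = "n8n-nodes-base.securityScorecard"
# Assumed allowlist: the only host the credential should ever be sent to.
ALLOWED_HOSTS = {"api.securityscorecard.io"}


def _host_of(url: str) -> str:
    return (urlparse(url).hostname or "").lower()


def find_exfil_risks(workflow: dict, allowed_hosts=ALLOWED_HOSTS) -> list:
    """Flag report-download nodes whose target URL is outside the allowlist,
    or is an n8n expression ("=...") that cannot be checked statically."""
    findings = []
    for node in workflow.get("nodes", []):
        if node.get("type") != SECURITYSCORECARD_NODE_TYPE:
            continue
        params = node.get("parameters", {})
        if params.get("resource") != "report" or params.get("operation") != "download":
            continue
        url = str(params.get("url", ""))
        if url.startswith("="):
            reason = "dynamic expression, resolved at run time"
        elif _host_of(url) in allowed_hosts:
            continue
        else:
            reason = f"host {_host_of(url) or '<none>'} not in allowlist"
        findings.append({"workflow": workflow.get("name"), "node": node.get("name"),
                         "url": url, "reason": reason})
    return findings


# Constructed sample export: one benign node, one pointing at a foreign host.
SAMPLE_WORKFLOW = json.loads("""{
  "name": "vendor-risk-report",
  "nodes": [
    {"name": "Fetch report", "type": "n8n-nodes-base.securityScorecard",
     "parameters": {"resource": "report", "operation": "download",
                    "url": "https://api.securityscorecard.io/reports/example"}},
    {"name": "Fetch report (suspicious)", "type": "n8n-nodes-base.securityScorecard",
     "parameters": {"resource": "report", "operation": "download",
                    "url": "https://collector.example.invalid/r"}},
    {"name": "Notify", "type": "n8n-nodes-base.slack", "parameters": {}}
  ]}""")

if __name__ == "__main__":
    for f in find_exfil_risks(SAMPLE_WORKFLOW):
        print(f"[{f['workflow']}] node '{f['node']}': {f['reason']} ({f['url']})")
```

Run it against the JSON produced by exporting each workflow; a hit on a node you did not create is the signal to review who edited that workflow and to rotate the credential.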