N8n
Officialn8n · by n8n-io
Fair-code workflow automation platform with native AI capabilities. Combine visual building with custom code, self-host or cloud, 400+ integrations.
1 open CVE
No license
Actively maintained
Last commit 0d ago
Works with most clients
Transport: stdio, sse
0 tools
Grade F
Step 1
Install in your client
Config is the same across clients — only the file and path differ.
CD
Supported in Claude Desktopstdio, sse · Node 18+
Paste into ~/Library/Application Support/Claude/claude_desktop_config.json
{
"mcpServers": {
"n8n": {
"args": [
"-y",
"n8n"
],
"command": "npx"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
Embed in your READMEAbout badges →
[](https://mcppedia.org/s/n8n)
Read me
What N8n does
n8n is a workflow automation platform with 400+ integrations. While not primarily an MCP server, it supports MCP connections for AI agent workflows. Self-hostable, open source, and extensible.
Test This Server
This server supports HTTP transport. Be the first to test it — help the community know if it works.
Scored, not listed
Why this score
Five weighted categories — click any category to see the underlying evidence.
Score breakdown
64/100across 5 weighted dimensions
0255075100
19
20
15
10
−36
Security
Maintenance
Efficiency
Documentation
Compatibility
Categoriesclick a row to see evidence
Security
OSV.dev1 open77 fixed
CVE-2026-45732medium · fixedCVSS 4
n8n Has a Cross-user Authorization Bypass in Dynamic Credential OAuth Endpoints
## Impact The OAuth1 and OAuth2 credential reconnect endpoints authorized access using `credential:read` rather than `credential:update`. An authenticated user with read-only access to a shared credential could initiate an OAuth reconnect flow and overwrite the stored token material for that credential with tokens bound to an external account they control. Workflows relying on the affected credential would subsequently execute under the attacker's OAuth identity, enabling data exfiltration to at
CVE-2026-44792medium · fixedCVSS 4
n8n Has a Source Control Pull SQL Injection
## Impact An attacker with write access to the git repository connected to an n8n Source Control configuration could commit a malicious Data Table JSON file containing a crafted column name. When an administrator performed a Source Control Pull, n8n imported the file and could lead to SQL injection on the internal PostgreSQL instance. Exploitation requires all of the following conditions: - The n8n instance uses PostgreSQL as its database backend. - The Source Control feature is enabled and con
CVE-2026-44791medium · fixedCVSS 4
n8n Has an XML Node Prototype Pollution Patch Bypass
## Impact An authenticated user with permission to create or modify workflows could bypass the patch for GHSA-hqr4-h3xv-9m3r in the XML node. When combined with other nodes, this could lead to RCE on the n8n host. ## Patches The issue has been fixed in n8n versions 1.123.43, 2.20.7, and 2.22.1. Users should upgrade to one of these versions or later to remediate the vulnerability. ## Workarounds If upgrading is not immediately possible, administrators should consider the following temporary mit
CVE-2026-44790medium · fixedCVSS 4
n8n Has an Arbitrary File Read via Git Node
## Impact An authenticated user with permission to create or modify workflows could inject CLI flags on the Git node's Push operation allowing an attacker to read arbitrary files from the n8n server potentially leading to full compromise. ## Patches The issue has been fixed in n8n versions 1.123.43, 2.20.7, and 2.22.1. Users should upgrade to one of these versions or later to remediate the vulnerability. ## Workarounds If upgrading is not immediately possible, administrators should consider th
CVE-2026-44789medium · fixedCVSS 4
n8n: HTTP Request Node Pagination Prototype Pollution to RCE
## Impact An authenticated user with permission to create or modify workflows could achieve global prototype pollution via an unvalidated pagination parameter in the HTTP Request node. Combined with other techniques this could lead to RCE on the instance. ## Patches The issue has been fixed in n8n versions 1.123.43, 2.20.7, and 2.22.1. Users should upgrade to one of these versions or later to remediate the vulnerability. ## Workarounds If upgrading is not immediately possible, administrators s
Community
Reviews
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
How easy was setup?Did it work reliably?How was the documentation?
Sign in to write a review.
Frequently Asked Questions
- Is N8n safe to use?
- N8n has 1 known CVE tracked by MCPpedia. You can verify these on OSV.dev by searching for "n8n". Review the Security section above for details before installing.
- How do I install N8n?
- N8n supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
- What AI clients work with N8n?
- N8n is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse transport.
- Is N8n actively maintained?
- N8n is actively maintained — last commit was 0 days ago. It has 188,258 GitHub stars.
Related
Similar servers
Others in productivity / developer-tools
Supabase MCP Server97Manage Supabase projects — databases, auth, storage, and edge functions
2.7k 4
X
XcodeBuildMCP97XcodeBuildMCP provides tools for Xcode project management, simulator management, and app utilities.
5.6k 1
XcodeBuildMCP97A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.
5.6k 2
G
Mcp Gitlab96MCP server for using the GitLab API
1.5k 12
MCP Security Weekly
Get CVE alerts and security updates for N8n and similar servers.
Community
Discussion
Start a conversation
Ask a question, share a tip, or report an issue.
Has anyone used this with Cursor?How do you handle auth?Any alternatives?
Sign in to join the discussion.