Fair-code workflow automation platform with native AI capabilities. Combine visual building with custom code, self-host or cloud, 400+ integrations.
Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"n8n": {
"args": [
"-y",
"n8n"
],
"command": "npx"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
n8n is a workflow automation platform with 400+ integrations. While not primarily an MCP server, it supports MCP connections for AI agent workflows. Self-hostable, open source, and extensible.
This server supports HTTP transport. Be the first to test it — help the community know if it works.
Five weighted categories — click any category to see the underlying evidence.
n8n: Wrong OAuth Scope on Evaluation Test Runs Endpoints
## Impact Three mutating endpoints in the evaluation test runs controller authorized state-changing actions using `workflow:read` instead of the action-appropriate `workflow:execute` scope. An authenticated user with `project:viewer` role on a project could start new evaluation test runs, cancel in-flight runs, and delete run records for workflows they only had read access to. This issue only affects instances with Advanced Permissions (Enterprise/Cloud) where projects and viewer roles are in u
n8n: SecurityScorecard Node Leaks API Token to User-Controlled Host
## Impact An authenticated user with permission to create or modify workflows and access to a SecurityScorecard credential with limited allowed domains could configure the SecurityScorecard node's report download operation to target an attacker-controlled URL. The node attached the SecurityScorecard API token to the outbound request, causing the credential to be sent to the attacker-controlled host bypassing credential configured limitations and exfiltrating. ## Patches The issue has been fixed
n8n: MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control Sessions
## Impact When `@n8n/mcp-browser` is run in HTTP transport mode, the MCP endpoint accepts session initialization and tool invocation requests without any authentication. Any network-reachable client, or any website visited by the user, can establish an MCP session and invoke browser-control tools. Where the n8n AI Browser Bridge extension is installed and a browser connection is active, an unauthenticated caller can access browser-control capabilities including navigation, JavaScript evaluation
n8n: Cross-Tenant Credential Takeover via Dynamic Credentials EE Endpoints
## Impact Three EE endpoints used by the Dynamic Credentials feature accepted any authenticated n8n session without performing per-resource ownership or scope checks on the target workflow or credential. An authenticated user with no project membership or credential sharing relationship could enumerate credential identifiers, names, and types referenced by any private workflow in the instance, initiate an OAuth authorization flow against another user's credential to overwrite its stored tokens w
n8n: Credential Exfiltration via Permission Bypass
## Impact A member-level user with editor access to a shared workflow could reference credentials they do not own via specific public API endpoints. Credential ownership checks were only enforced partially leading to cross-user credential access. This issue affects instances where workflow sharing is enabled and at least one workflow has been shared with a member-level user as an Editor. ## Patches The issue has been fixed in n8n versions 1.123.55, 2.25.7, and 2.26.2. Users should upgrade to o
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in productivity / developer-tools
Persistent memory using a knowledge graph
A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.
XcodeBuildMCP provides tools for Xcode project management, simulator management, and app utilities.
Manage Supabase projects — databases, auth, storage, and edge functions
MCP Security Weekly
Get CVE alerts and security updates for N8n and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.

n8n is a workflow automation platform that gives technical teams the flexibility of code with the speed of no-code. With 400+ integrations, native AI capabilities, and a fair-code license, n8n lets you build powerful automations while maintaining full control over your data and deployments.

Try n8n instantly with npx (requires Node.js):
npx n8n
Or deploy with Docker:
docker volume create n8n_data
docker run -it --rm --name n8n -p 5678:5678 -v n8n_data:/home/node/.n8n docker.n8n.io/n8nio/n8n
Access the editor at http://localhost:5678
Need help? Our community forum is the place to get support and connect with other users: community.n8n.io
n8n is fair-code distributed under the Sustainable Use License and n8n Enterprise License.
Enterprise Licenses available for additional features and support.
Additional information about the license model can be found in the docs.
Found a bug 🐛 or have a feature idea ✨? Check our Contributing Guide for a setup guide & best practices.
Want to shape the future of automation? Check out our job posts and join our team!
Short answer: It means "nodemation" and is pronounced as n-eight-n.
Long answer: "I get that question quite often (more often than I expected) so I decided it is probably best to answer it here. While looking for a good name for the project with a free domain I realized very quickly that all the good ones I could think of were already taken. So, in the end, I chose nodemation. 'node-' in the sense that it uses a Node-View and that it uses Node.js and '-mation' for 'automation' which is what the project is supposed to help with. However, I did not like how long the name was and I could not imagine writing something that long every time in the CLI. That is when I then ended up on 'n8n'." - Jan Oberhauser, Founder and CEO, n8n.io