Security Advisory - Published 2026-06-24 - Workflow and AI apps

n8n and Open WebUI: review data paths before reopening public access

These CVEs are tied to application data paths: n8n Source Control imports, n8n MongoDB workflows, Open WebUI web fetch, and Milvus-backed RAG collections. Patch the app, then check which users could trigger those paths and what data they touched.

Defensive scope: check owned instances, repositories, workflows, knowledge bases, and logs. Do not probe third-party n8n or Open WebUI deployments.

Affected systems

CVE              Product      Affected versions               Review           CVSS
CVE-2026-44792   n8n          < 1.123.43 / 2.20.7 / 2.21.1    Source Control   8.9
CVE-2026-54018   Open WebUI   <= 0.9.5                        Web fetch        7.7
CVE-2026-54313   n8n          < 2.24.0                        MongoDB node     6.5
CVE-2026-54019   Open WebUI   <= 0.9.5                        Milvus           6.5

Fixed releases are listed under "Safe fix path" below.

Owner self-check

Run from the deployment directory. Alternation uses grep -E (the escaped \| form only works in basic-regex mode and is easy to get wrong), and container logs are merged with 2>&1 because application logs may be written to stderr.

grep -Rni -E 'n8n|open-webui|milvus|mongodb|source control' docker-compose.yml .env package.json package-lock.json pnpm-lock.yaml 2>/dev/null
docker ps | grep -i -E 'n8n|open-webui|milvus|postgres|mongo'
grep -Rni -E 'Source Control|MongoDB|Find And Replace|SafePlaywrightURLLoader|Milvus|collection' logs storage data 2>/dev/null | tail -n 180
docker logs --since 7d $(docker ps -q --filter name=n8n) 2>&1 | grep -i -E 'source control|pull|postgres|mongodb|workflow|error'
docker logs --since 7d $(docker ps -q --filter name=open-webui) 2>&1 | grep -i -E 'playwright|rag|milvus|collection|web fetch|error'

What to review

  • n8n: Source Control enabled state, connected repositories, users who can write to those repositories, and recent admin pull events.
  • n8n: workflows using MongoDB Find And Replace, workflow editors, and changed workflow definitions.
  • Open WebUI: RAG web fetch settings, Playwright loader use, outbound network policy, and web fetch logs.
  • Open WebUI: Milvus multitenancy mode, knowledge-base collection names, ACL settings, and collection access logs.

Safe fix path

  1. Upgrade n8n to the fixed branch for your deployment: 1.123.43, 2.20.7, 2.21.1, or newer for Source Control; 2.24.0 or newer for the MongoDB node issue.
  2. Upgrade Open WebUI to 0.9.6 or newer.
  3. Temporarily disable Source Control pulls, RAG web fetch, and public Open WebUI access during review if exposure is unclear.
  4. Preserve workflow exports, repository commits, app logs, and database logs before rotating credentials.
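The table and the fix path above give branch-specific thresholds, and an n8n install can be patched for one CVE and still exposed to the other (1.123.43 closes the Source Control issue but is below 2.24.0). The following POSIX shell script is an added example, not part of the advisory or of either project: it encodes those thresholds and reports, per CVE, whether a deployed version is fixed. The threshold lists are taken from the table; the rule that an unlisted branch sitting between two fixes counts as affected is this script's own conservative assumption, and the sample versions passed to advisory_report are constructed.

```shell
#!/bin/sh
# Added example (not from the advisory): classify a deployed n8n or
# Open WebUI version as fixed or affected against the per-branch
# thresholds in the advisory table. Threshold lists are this script's
# encoding of that table; the sample versions at the bottom are constructed.

# normalize VERSION -> strip a leading "v" and any suffix such as "-rc1",
# then pad to major.minor.patch ("v2.24" -> "2.24.0").
normalize() {
  v=${1#v}
  v=$(printf '%s\n' "$v" | sed 's/[^0-9.].*//')
  case $v in
    *.*.*) ;;
    *.*)   v="$v.0" ;;
    *)     v="$v.0.0" ;;
  esac
  printf '%s\n' "$v"
}

# vercmp A B -> prints -1, 0 or 1 (numeric dotted versions only).
vercmp() {
  a=$(normalize "$1"); b=$(normalize "$2")
  while [ -n "$a" ] || [ -n "$b" ]; do
    ai=${a%%.*}; bi=${b%%.*}
    case $a in *.*) a=${a#*.} ;; *) a= ;; esac
    case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    if [ "${ai:-0}" -lt "${bi:-0}" ]; then printf '%s\n' -1; return; fi
    if [ "${ai:-0}" -gt "${bi:-0}" ]; then printf '%s\n' 1; return; fi
  done
  printf '%s\n' 0
}

# patch_status VERSION FIXED... -> "fixed" or "affected".
# Fixed when the version is at or above the fix on its own major.minor
# branch, or at or above the highest fix overall. Everything else, including
# an unlisted branch between two fixes, is reported as affected: the advisory
# names only these branches as patched, so others are treated conservatively
# (assumption of this script, not a statement from the advisory).
patch_status() {
  v=$(normalize "$1"); shift
  mm=${v%.*}
  highest=
  for f in "$@"; do
    f=$(normalize "$f")
    if [ "${f%.*}" = "$mm" ]; then
      if [ "$(vercmp "$v" "$f")" -ge 0 ]; then echo fixed; else echo affected; fi
      return
    fi
    if [ -z "$highest" ] || [ "$(vercmp "$f" "$highest")" -gt 0 ]; then
      highest=$f
    fi
  done
  if [ "$(vercmp "$v" "$highest")" -ge 0 ]; then echo fixed; else echo affected; fi
}

# advisory_report N8N_VERSION OPENWEBUI_VERSION -> one status line per CVE,
# using the fixed releases from the advisory's fix path.
advisory_report() {
  printf 'CVE-2026-44792 n8n Source Control:   %s\n' "$(patch_status "$1" 1.123.43 2.20.7 2.21.1)"
  printf 'CVE-2026-54313 n8n MongoDB node:     %s\n' "$(patch_status "$1" 2.24.0)"
  printf 'CVE-2026-54018 Open WebUI web fetch: %s\n' "$(patch_status "$2" 0.9.6)"
  printf 'CVE-2026-54019 Open WebUI Milvus:    %s\n' "$(patch_status "$2" 0.9.6)"
}

# Constructed sample: an n8n 1.x install patched for Source Control but still
# below 2.24.0, beside an Open WebUI at the last affected release.
advisory_report 1.123.43 0.9.5
```

Feed the script the version strings you actually see (n8n prints its version on startup and in the UI's About dialog; Open WebUI shows it in the admin settings), not the image tag, since a "latest" tag says nothing about what is running. Pre-release suffixes are stripped before comparison, so treat a "fixed" result for an rc build as provisional.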

Repair help

Use Ping7 CVE Repair when Source Control pulled from a shared repository, MongoDB workflows changed, Open WebUI web fetch was public, or Milvus collection access needs review.
