CVE-2026-33751 | n8n-io n8n up to 1.123.26/2.13.2/2.14.0 Environment Variable searchNODES_EXCLUDE ldap injection

A vulnerability was found in n8n-io n8n up to 1.123.26/2.13.2/2.14.0. It has been rated as problematic. The impacted element is an unknown function of the component Environment Variable Handler. This manipulation of the argument searchNODES_EXCLUDE causes ldap injection.

This vulnerability is tracked as CVE-2026-33751. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More