Vulnerability	Vulnerable Version
C Time-of-check Time-of-use (TOCTOU) Race Condition n8n-core is a Core functionality of n8n Affected versions of this package are vulnerable to Time-of-check Time-of-use (TOCTOU) Race Condition via improper file access controls in the workflow creation or modification process. An attacker can modify sensitive host system files, including configuration data, and obtain user credentials by leveraging permissions to create or modify workflows. This can result in complete account takeover of any user on the instance. How to fix Time-of-check Time-of-use (TOCTOU) Race Condition? Upgrade `n8n-core` to version 1.122.12, 2.4.4 or higher.	<1.122.12>=2.0.0 <2.4.4

Time-of-check Time-of-use (TOCTOU) Race Condition

n8n-core is a Core functionality of n8n

Affected versions of this package are vulnerable to Time-of-check Time-of-use (TOCTOU) Race Condition via improper file access controls in the workflow creation or modification process. An attacker can modify sensitive host system files, including configuration data, and obtain user credentials by leveraging permissions to create or modify workflows. This can result in complete account takeover of any user on the instance.

How to fix Time-of-check Time-of-use (TOCTOU) Race Condition?

Upgrade n8n-core to version 1.122.12, 2.4.4 or higher.

<1.122.12>=2.0.0 <2.4.4

Go back to all versions of this package