ctipilot.ch

n8n Git node SSH chain — terminal sink of CVE-2026-42231 prototype-pollution to RCE

cve · CVE-2026-44790

  • Coverage timeline: 1 (first 2026-05-19 → last 2026-05-19)
  • Briefs: 1 (1 distinct)
  • Sources cited: 3 (2 hosts)
  • Sections touched: 0
  • Co-occurring entities: 4 (see Related entities below)

Story timeline

  1. 2026-05-19 · CTI Daily Brief — 2026-05-19

Source distribution

  • github.com: 2 (67%)
  • thehackernews.com: 1 (33%)

Related entities

Items in briefs about n8n Git node SSH chain — terminal sink of CVE-2026-42231 prototype-pollution to RCE (1)

CVE-2026-42231 / -42232 / -44789 / -44790 / -44791 — n8n self-hosted automation: chained prototype-pollution and injection flaws enabling authenticated-to-RCE plus a Git-node arbitrary file read

From CTI Daily Brief — 2026-05-19 · published 2026-05-19

n8n published five Critical security advisories on 2026-05-18: an initial pair (-42231, -42232) and a follow-on cluster of three (-44789, -44790, -44791) released against later branches (n8n GHSA-q5f4-99jv-pgg5, 2026-05-18; The Hacker News, 2026-05-18). CVE-2026-42231 (CVSS 4.0: 9.4, CWE-1321) is the root cause: a prototype-pollution primitive reachable through crafted XML passed to the xml2js library used by the n8n webhook handler. Once the global Object.prototype is polluted, the chain pivots into the n8n Git node's SSH operations to achieve RCE on the n8n host; the precondition is an authenticated user with workflow create / modify permission.

CVE-2026-42232 (GHSA-hqr4-h3xv-9m3r, "XML Node Prototype Pollution to RCE") is a companion XML-Node prototype-pollution flaw that exercises the same primitive through a second sink. The follow-on advisories are CVE-2026-44789 (GHSA-c8xv-5998-g76h, "HTTP Request Node Pagination Prototype Pollution to RCE"); CVE-2026-44790 (GHSA-57g9-58c2-xjg3, "Arbitrary File Read via Git Node", a file-read primitive rather than the SSH RCE chain); and CVE-2026-44791 (GHSA-wrwr-h859-xh2r, "XML Node Prototype Pollution Patch Bypass").

Patched versions are split between two branch trains: -42231 and -42232 are fixed in n8n 1.123.32 / 2.17.4 / 2.18.1; -44789, -44790 and -44791 in 1.123.43 / 2.20.7 / 2.22.1. No in-the-wild exploitation had been reported at the time of writing. Inclusion gate: CVSS 9.4 ≥ 9.0 (PD §2 inclusion gate, via the ENISA EUVD CVSS 9.0–10.0 threshold).

CVE Summary Table

| CVE | Product | CVSS | EPSS | KEV | Exploited | Patch | Source |
|---|---|---|---|---|---|---|---|
| CVE-2026-42231 | n8n (xml2js webhook prototype pollution → Git-node SSH RCE chain) | 9.4 | n/a | No | No (no public ITW) | 1.123.32 / 2.17.4 / 2.18.1 | n8n GHSA-q5f4-99jv-pgg5 |
| CVE-2026-42232 | n8n (XML Node Prototype Pollution to RCE) | 9.4 | n/a | No | No | 1.123.32 / 2.17.4 / 2.18.1 | n8n GHSA-hqr4-h3xv-9m3r |
| CVE-2026-44789 | n8n (HTTP Request Node Pagination — prototype pollution to RCE) | 9.4 | n/a | No | No | 1.123.43 / 2.20.7 / 2.22.1 | n8n GHSA-c8xv-5998-g76h |
| CVE-2026-44790 | n8n (Arbitrary File Read via Git Node — file-read primitive) | 9.4 | n/a | No | No | 1.123.43 / 2.20.7 / 2.22.1 | n8n GHSA-57g9-58c2-xjg3 |
| CVE-2026-44791 | n8n (XML Node Prototype Pollution Patch Bypass) | 9.4 | n/a | No | No | 1.123.43 / 2.20.7 / 2.22.1 | n8n GHSA-wrwr-h859-xh2r |