CVE-2025-52554: n8n is vulnerable to Improper Authorization through its `/stop` endpoint
An authorization vulnerability was discovered in the /rest/executions/:id/stop endpoint of n8n. An authenticated user can stop workflow executions that they do not own or that have not been shared with them, leading to potential business disruption.
References
- github.com/advisories/GHSA-gq57-v332-7666
- github.com/dudanogueira/n8n/commit/ca2f90c7fbaa1d661ade2f45d587d9469bc287e1
- github.com/n8n-io/n8n
- github.com/n8n-io/n8n/commit/e5edc60e344924230baafb11fa1f0af788e9ca9a
- github.com/n8n-io/n8n/pull/16405
- github.com/n8n-io/n8n/security/advisories/GHSA-gq57-v332-7666
- nvd.nist.gov/vuln/detail/CVE-2025-52554
Code Behaviors & Features
Detect and mitigate CVE-2025-52554 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →