n8n: Bypassing Single Sign-On Enforcement via API
GHSA-vjf3-2gpj-233v
Summary
If a user logs in through Single Sign-On (SSO) in n8n, they can disable SSO enforcement for their own account and create a local password, bypassing the organization's SSO policy and centralized identity management. This lets them log in with email and password instead of through the identity provider, which undermines the security controls the organization relies on. To fix this, update to n8n version 2.8.0 or later, or temporarily restrict access to trusted users and monitor audit logs for suspicious activity.
What to do
- Update GitHub Actions n8n to version 2.8.0.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| GitHub Actions | n8n | <= 2.8.0 | 2.8.0 |
Original title
n8n has an SSO Enforcement Bypass in its Self-Service Settings API
Original description
## Impact
An authenticated user signed in through Single Sign-On (SSO) could disable SSO enforcement for their own account through the n8n API. This allowed the user to create a local password and authenticate directly with email and password, completely bypassing the organization's SSO policy, centralized identity management, and any identity-provider-enforced multi-factor authentication.
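The flaw described above is a missing server-side policy check on a self-service settings path. The following TypeScript is an added illustration, not n8n's code or API: it models a self-service "set password" handler in the vulnerable shape (the SSO-authenticated session can switch its own account to local auth) beside a hardened shape that derives the decision from instance policy and the account's auth source. All names (`AuthSource`, `InstanceConfig`, `setPasswordVulnerable`, `setPasswordHardened`, the login functions) are hypothetical.

```typescript
import { randomBytes, scryptSync, timingSafeEqual } from "node:crypto";

// Illustrative model only; n8n's real code and API differ.
export type AuthSource = "sso" | "local";

export interface User {
  email: string;
  authSource: AuthSource;       // identity managed by the IdP or locally
  passwordHash: string | null;  // "saltHex:keyHex", only for local accounts
}

export interface InstanceConfig {
  ssoEnforced: boolean;         // org policy: everyone must sign in via the IdP
}

export class PolicyViolation extends Error {}

function hashPassword(password: string): string {
  const salt = randomBytes(16);
  const key = scryptSync(password, salt, 32);
  return `${salt.toString("hex")}:${key.toString("hex")}`;
}

function verifyPassword(password: string, stored: string): boolean {
  const [saltHex = "", keyHex = ""] = stored.split(":");
  const expected = Buffer.from(keyHex, "hex");
  const actual = scryptSync(password, Buffer.from(saltHex, "hex"), 32);
  return expected.length === actual.length && timingSafeEqual(expected, actual);
}

// Vulnerable shape: the handler trusts the authenticated session and lets
// the account flip itself to local auth with a freshly chosen password.
export function setPasswordVulnerable(user: User, password: string): User {
  return { ...user, authSource: "local", passwordHash: hashPassword(password) };
}

// Vulnerable login: honours whatever the account record now says.
export function passwordLoginVulnerable(user: User, password: string): boolean {
  if (user.authSource !== "local" || user.passwordHash === null) return false;
  return verifyPassword(password, user.passwordHash);
}

// Hardened shape: instance policy and the account's auth source are checked
// on the server and cannot be changed by the user through this path.
export function setPasswordHardened(cfg: InstanceConfig, user: User, password: string): User {
  if (cfg.ssoEnforced) {
    throw new PolicyViolation("SSO is enforced for this instance; local passwords are disabled");
  }
  if (user.authSource === "sso") {
    throw new PolicyViolation("SSO-managed accounts cannot set a local password");
  }
  return { ...user, passwordHash: hashPassword(password) };
}

// Hardened login: instance policy is re-checked at authentication time, so a
// record that was tampered with elsewhere still cannot log in by password.
export function passwordLoginHardened(cfg: InstanceConfig, user: User, password: string): boolean {
  if (cfg.ssoEnforced) return false;
  return passwordLoginVulnerable(user, password);
}
```

The design point is that the policy lives in two places in the hardened version: the write path refuses to create a local credential for an SSO-managed account, and the login path refuses password authentication whenever the instance enforces SSO, so a single missed check no longer defeats the control.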
## Patches
The issue has been fixed in n8n version 2.8.0. Users should upgrade to this version or later to remediate the vulnerability.
## Workarounds
If upgrading is not immediately possible, administrators should consider the following temporary mitigations:
- Monitor audit logs for users who create local credentials after authenticating via SSO.
- Restrict the n8n instance to fully trusted users only.
These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.
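The first workaround above asks administrators to watch audit logs for local credentials created after an SSO login. The TypeScript below is an added example of that detection logic, not n8n's code, run over a constructed JSON-lines audit log whose event names (`login`, `password.set`, `auth.method.changed`) and field layout are invented for this illustration and do not match n8n's real audit format. It flags two patterns: a credential change made by a session whose most recent login was via SSO, and a password login by a user whose previous login was via SSO.

```typescript
// Constructed event shape for this illustration; not n8n's audit format.
export interface AuditEvent {
  ts: string;                       // ISO-8601 timestamp
  user: string;
  event: "login" | "password.set" | "auth.method.changed";
  method?: "sso" | "password";      // present on login events
  ip: string;
}

export interface Finding {
  user: string;
  at: string;
  reason: string;
}

// Constructed sample log: alice signs in via SSO, switches her account to a
// local password, then logs in by password from a different address.
export const SAMPLE_LOG = [
  '{"ts":"2026-03-01T09:00:00Z","user":"alice@example.test","event":"login","method":"sso","ip":"10.0.0.5"}',
  '{"ts":"2026-03-01T09:02:10Z","user":"alice@example.test","event":"auth.method.changed","ip":"10.0.0.5"}',
  '{"ts":"2026-03-01T09:02:11Z","user":"alice@example.test","event":"password.set","ip":"10.0.0.5"}',
  '{"ts":"2026-03-01T09:30:00Z","user":"alice@example.test","event":"login","method":"password","ip":"203.0.113.9"}',
  '{"ts":"2026-03-01T10:00:00Z","user":"bob@example.test","event":"login","method":"sso","ip":"10.0.0.7"}',
  '{"ts":"2026-03-01T10:05:00Z","user":"carol@example.test","event":"login","method":"password","ip":"10.0.0.8"}',
  "this line is not json and must be skipped",
].join("\n");

// Parse JSON lines, drop malformed or incomplete records, sort by time.
export function parseEvents(text: string): AuditEvent[] {
  const out: AuditEvent[] = [];
  for (const line of text.split("\n")) {
    if (line.trim() === "") continue;
    try {
      const o = JSON.parse(line);
      if (typeof o.ts === "string" && typeof o.user === "string" && typeof o.event === "string") {
        out.push(o as AuditEvent);
      }
    } catch {
      // Malformed line: skipped here; a production pipeline should count these.
    }
  }
  return out.sort((a, b) => a.ts.localeCompare(b.ts));
}

// Track each user's most recent login method and flag credential changes or
// password logins that follow an SSO login.
export function findSsoBypass(events: AuditEvent[]): Finding[] {
  const lastLogin = new Map<string, "sso" | "password">();
  const findings: Finding[] = [];
  for (const ev of events) {
    const prev = lastLogin.get(ev.user);
    if (ev.event === "login") {
      if (ev.method === "password" && prev === "sso") {
        findings.push({
          user: ev.user,
          at: ev.ts,
          reason: `password login from ${ev.ip} by a user whose previous login was via SSO`,
        });
      }
      if (ev.method === "sso" || ev.method === "password") lastLogin.set(ev.user, ev.method);
    } else if (prev === "sso") {
      findings.push({ user: ev.user, at: ev.ts, reason: `${ev.event} while signed in via SSO` });
    }
  }
  return findings;
}
```

Carol's password login is not flagged because she never authenticated through SSO, so the rule distinguishes a pre-existing local account from an SSO-managed account that acquired a password. A real deployment would feed the instance's actual audit events into `parseEvents` after adapting the field names.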
CVSS 3.1 (GHSA): 6.3
CVSS 4.0 (GHSA): 6.0
Vulnerability type
CWE-269: Improper Privilege Management
CWE-284: Improper Access Control
CWE-287: Improper Authentication
Published: 26 Feb 2026 · Updated: 7 Mar 2026 · First seen: 6 Mar 2026