转载自 n8n 论坛,原文见 Security Advisory: Security Vulnerability in n8n Versions 1.65-1.120.4 - Community Highlights - n8n Community

中文内容来自 qwen-mt 翻译

Potential impact 潜在影响

Who is affected: 受影响对象:

  • Self-hosted instances running versions 1.65-1.120.4
    运行版本 1.65–1.120.4 的自托管实例
  • If you’re running any 2.x version (including any RC/beta), you already have this security fix
    若您运行的是任意 2.x 版本(包括任何 RC 或测试版),则已内置此项安全修复
  • Cloud instances are being upgraded. You can also start the upgrade from your Cloud dashboard.
    云实例正在逐步升级中,您也可通过云控制台手动启动升级流程。

If this vulnerability were exploited, it could lead to:
若该漏洞被成功利用,可能导致:

  • In certain configurations, privilege escalation within the n8n instance
    在特定配置下,n8n 实例内部发生权限提升
  • Unauthorized access to sensitive information stored in your n8n instance
    未经授权访问您 n8n 实例中存储的敏感信息

Required action 需采取的操作

If you’re running version 1.65-1.120.4: Please update your n8n instance to version 1.121.0 (or later) as soon as possible. This version contains the necessary security fixes.
若您当前运行版本为 1.65–1.120.4:请尽快将 n8n 实例升级至 1.121.0 或更高版本。该版本已包含必要的安全修复补丁。

If you’re running any 2.x version (including any RC/beta): No action needed - you already have this security fix.
若您运行的是任意 2.x 版本(包括任何 RC 或测试版):无需额外操作 —— 您已具备此项安全修复。

📌 转载信息
原作者:
seamee
转载时间:
2026/1/9 17:36:45

标签: 安全漏洞, n8n, 版本升级, 权限提升, 自托管实例

添加新评论