n8n Unauthenticated Denial-of-Service Vulnerability via MCP OAuth Client Registration

Vulnerability

A denial-of-service vulnerability has been identified in n8n, an open-source workflow automation platform, affecting versions prior to 1.123.32, 2.17.4, and 2.18.1. The issue arises because the MCP OAuth client registration endpoint accepted unauthenticated requests and stored client data without proper resource controls. This allowed an unauthenticated remote attacker to send large registration payloads, exhausting server memory and causing the n8n instance to become unavailable. Although the MCP enable/disable toggle controls MCP access, it did not gate client registrations, so the endpoint remained reachable whether MCP was enabled or disabled on the instance.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the n8n instance to become unavailable.

Remediation

Users can upgrade to n8n versions 1.123.32, 2.17.4, or 2.18.1 to address this vulnerability. If an immediate upgrade is not possible, administrators can temporarily restrict network access to the n8n instance to block requests from untrusted sources, and reduce the maximum accepted payload size by lowering the N8N_PAYLOAD_SIZE_MAX environment variable from its default value. These workarounds do not fully eliminate the risk and should be treated only as short-term measures.

Added: May 4, 2026, 7:17 PM
Updated: May 4, 2026, 7:17 PM

Vulnerability Rating

Custom Algorithm
spread: 5.7
impact: 2.5
exploitability: 7.8
remediation: 7.9
relevance: 7.4
threat: 0.0
urgency: 2.9
incentive: 8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.