Tags: CVE-2026-42233, n8n, workflow, SQL injection, Oracle, automation, CVE

n8n CVE-2026-42233: Oracle SQL Injection via Webhook in Database Node

n8n (before 1.123.32 / 2.17.4 / 2.18.1) contains a critical SQL injection (CVSS 9.8) in the Select operation of the Oracle Database node. The typical attack path is webhook-driven data exfiltration.

May 11, 2026 · 5 min read

n8n has become the reference low-code automation tool for enterprises, going head-to-head with Zapier and Make in the self-hosted segment. On May 4, 2026, the maintainer disclosed CVE-2026-42233 (CVSS 9.8): a critical SQL injection in the Oracle Database node, specifically on the Select operation. The Limit field accepts an expression whose value is concatenated directly into the SQL query without parameterization. In any workflow that passes external input (webhook, form, message) to this field, an attacker can inject arbitrary SQL and exfiltrate the connected Oracle database.

This is the most insidious class of vulnerability: it doesn't expose n8n directly, but turns n8n into a weapon against the databases it connects to.


Technical Details

Vulnerable component

The n8n Oracle Database node offers several operations including Select, which executes a SQL query against the configured database. The Limit field (max number of rows) accepts an n8n expression — meaning its value can be dynamically computed from workflow data, including external input.

The problem: the resolved expression value is interpolated directly into the SQL query instead of being passed as a parameter:

// Reconstructed pseudo-code — vulnerable pattern (simplified: Oracle itself has no
// LIMIT keyword; the flaw is the string interpolation, whatever the row-limiting syntax)
const limit = evaluateExpression(node.parameters.limit); // external input possible
const query = `SELECT * FROM ${table} WHERE ${where} ORDER BY ${order} LIMIT ${limit}`;
oracle.execute(query); // no bind variables: the resolved value is part of the SQL text

If the workflow Webhook → Oracle Select is configured to pass a webhook parameter into the Limit field, the attacker calling the webhook can inject SQL.
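The following is an added example, not n8n's code and not from the original post: it places the concatenation pattern above next to the parameterized form that closes the hole. The table allow-list, the table names and the payload are constructed; because Oracle has no LIMIT clause, the safe form uses Oracle's FETCH FIRST :limit ROWS ONLY with the limit supplied as a bind variable.

```javascript
// Added example (not n8n's code): vulnerable concatenation next to a
// parameterized replacement. Table names and the payload are constructed.
// Oracle has no LIMIT clause, so the safe form uses FETCH FIRST :limit ROWS ONLY
// (valid since Oracle 12c) with the limit supplied as a bind variable.

const ALLOWED_TABLES = new Set(["products", "orders"]); // constructed allow-list

// Vulnerable: the resolved expression value becomes part of the SQL text.
function buildSelectVulnerable(table, limit) {
  return `SELECT * FROM ${table} LIMIT ${limit}`;
}

// Hardened: the limit never touches the SQL text. It must be a string of
// digits within range and is handed to the driver as a bind; the table name,
// which a driver cannot bind, is checked against an allow-list instead.
function buildSelectSafe(table, rawLimit) {
  if (!ALLOWED_TABLES.has(table)) {
    throw new Error(`table not allowed: ${table}`);
  }
  // parseInt("10 UNION SELECT ...", 10) would return 10; require digits only.
  const text = String(rawLimit).trim();
  if (!/^\d+$/.test(text)) {
    throw new Error(`limit is not an integer: ${JSON.stringify(rawLimit)}`);
  }
  const limit = Number(text);
  if (limit < 1 || limit > 1000) {
    throw new Error(`limit out of range: ${limit}`);
  }
  return {
    sql: `SELECT * FROM ${table} FETCH FIRST :limit ROWS ONLY`,
    binds: { limit },
  };
}

// Payload from the scenario in the post, used here as constructed input.
const PAYLOAD = "10 UNION SELECT username, password, NULL FROM users--";

// Builds both forms for the same input so the difference is visible.
function demo() {
  let safeError = null;
  try {
    buildSelectSafe("products", PAYLOAD);
  } catch (e) {
    safeError = e.message;
  }
  return {
    vulnerable: buildSelectVulnerable("products", PAYLOAD),
    safeRejected: safeError,
    safe: buildSelectSafe("products", "10"),
  };
}

console.log(JSON.stringify(demo(), null, 2));
```

With node-oracledb the safe object is executed as `connection.execute(q.sql, q.binds)`: the driver sends the limit as a typed bind value, so even a limit that slipped past validation could only ever be a number, never SQL text. The table allow-list is there because identifiers cannot be bound, which is the other half of the interpolation in the pseudo-code above.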

Characteristics

Field          | Value
CVSS 3.1       | 9.8 (CRITICAL)
Vector         | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE            | CWE-89 (SQL Injection)
Authentication | None (depends on the exposed workflow)
Affected node  | Oracle Database, Select operation, Limit field via expression

Affected Products and Versions

n8n branch | Affected versions | Patched version
1.x        | < 1.123.32        | 1.123.32
2.17.x     | < 2.17.4          | 2.17.4
2.18.x     | 2.18.0            | 2.18.1

Check your version:

# Docker
docker exec n8n n8n --version

# npm
npm list -g n8n

Exploitation and Impact

Typical scenario

An n8n workflow exposed via a public webhook receives a request from outside (e.g., "how many products do you have?"). The webhook's limit parameter is passed to the Limit field of the Oracle Select node. The configuration is legitimate, but it is a trap.

The attacker calls the webhook with:

POST /webhook/products
Content-Type: application/json
{
  "limit": "10 UNION SELECT username, password, NULL FROM users--"
}

n8n then builds the query:

SELECT * FROM products LIMIT 10 UNION SELECT username, password, NULL FROM users--

And returns the result — including extracted credentials.

Impact

  • Full exfiltration of the Oracle database connected to the workflow (and of any database that Oracle user can reach via cross-database queries)
  • Read of credentials, customer data and business secrets stored in Oracle
  • Potential Oracle RCE via DBMS_SCHEDULER or a similar OS-command facility (Oracle's counterpart of xp_cmdshell), depending on the Oracle user's privileges
  • Internal pivot: Oracle DBs typically sit in a protected zone but are reachable from n8n — the attacker pivots through n8n

Exploitation conditions

Not universal — the workflow needs to:

  1. Use the Oracle Database node with Select operation
  2. Have the Limit field in expression mode (not a fixed value)
  3. Resolve the expression to an external input (webhook, form, or upstream node receiving the input)

But these conditions are common in professional n8n deployments — webhook → DB select workflows are one of the most-used patterns.


Detection and IOCs

Workflow audit

List every workflow using the Oracle Database node:

# If you have access to the n8n DB (Postgres)
psql -d n8n -c "
  SELECT id, name FROM workflow_entity 
  WHERE nodes::text LIKE '%oracle%' AND active = true;
"

For each workflow, verify manually:

  • Is the Oracle node operation set to Select?
  • Is the Limit field in expression mode?
  • Does the input chain trace back to a webhook or a node receiving external data?
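As an added example that is not part of the original post or of the n8n project, the following script runs the three checks above over an exported workflow JSON instead of by hand. It assumes n8n's export format stores expression-mode parameters as strings starting with "=", that connections are keyed by source node name as `connections[source].main[output][i].node`, and, since the page does not give the Oracle node's type identifier, it matches node types on the substring "oracle" just as the psql query above does. The sample workflow and the Oracle node type string are constructed.

```javascript
// Added example (not from the post or from n8n): automates the three manual
// checks against an exported n8n workflow JSON.
// Assumptions: expression-mode parameters are strings beginning with "=",
// connections[sourceName].main[outputIndex][] = { node: targetName, ... },
// and Oracle nodes are recognised by the substring "oracle" in their type
// (the real type identifier is not on the page; the one below is a placeholder).

const SAMPLE_WORKFLOW = { // constructed sample, not a real export
  nodes: [
    { name: "Webhook", type: "n8n-nodes-base.webhook", parameters: { path: "products" } },
    { name: "Set limit", type: "n8n-nodes-base.set", parameters: {} },
    { name: "Oracle Select", type: "oracleDb-placeholder", // hypothetical type string
      parameters: { operation: "select", limit: "={{ $json.limit }}" } },
    { name: "Oracle Fixed", type: "oracleDb-placeholder",
      parameters: { operation: "select", limit: 100 } },
    { name: "Cron", type: "n8n-nodes-base.scheduleTrigger", parameters: {} },
  ],
  connections: {
    "Webhook": { main: [[{ node: "Set limit", type: "main", index: 0 }]] },
    "Set limit": { main: [[{ node: "Oracle Select", type: "main", index: 0 }]] },
    "Cron": { main: [[{ node: "Oracle Fixed", type: "main", index: 0 }]] },
  },
};

// Check 2: an n8n parameter in expression mode is exported as "=...".
function isExpression(value) {
  return typeof value === "string" && value.startsWith("=");
}

// Names of nodes whose type marks them as entry points for external data.
function externalInputNodes(workflow, pattern = /webhook|form/i) {
  return new Set(workflow.nodes.filter((n) => pattern.test(n.type)).map((n) => n.name));
}

// Check 3: every node reachable downstream of the given start nodes.
function reachableFrom(workflow, startNames) {
  const seen = new Set(startNames);
  const queue = [...startNames];
  while (queue.length) {
    const current = queue.shift();
    const outputs = (workflow.connections[current] || {}).main || [];
    for (const output of outputs) {
      for (const edge of output || []) {
        if (!seen.has(edge.node)) {
          seen.add(edge.node);
          queue.push(edge.node);
        }
      }
    }
  }
  return seen;
}

// Returns the names of Oracle nodes that satisfy all three conditions:
// Select operation, Limit in expression mode, downstream of external input.
function auditWorkflow(workflow) {
  const tainted = reachableFrom(workflow, [...externalInputNodes(workflow)]);
  return workflow.nodes
    .filter((n) => /oracle/i.test(n.type))
    .filter((n) => String((n.parameters || {}).operation).toLowerCase() === "select")
    .filter((n) => isExpression((n.parameters || {}).limit))
    .filter((n) => tainted.has(n.name))
    .map((n) => n.name);
}

console.log("risky Oracle nodes:", auditWorkflow(SAMPLE_WORKFLOW));
```

Reachability is a deliberate over-approximation: a node downstream of a webhook is flagged even if its Limit expression happens to reference something else, so each hit still deserves a look at the expression itself. In the sample, "Oracle Fixed" is not flagged because its Limit is a fixed value and it is only fed by a schedule trigger, which matches the exploitation conditions listed above.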

n8n logs

# Search logs for suspicious webhook calls (case-insensitive; the alternation is
# grouped so that every match is tied to a webhook line rather than any SELECT)
grep -Ei "webhook.*(union|select|--|;|'|\")" /var/log/n8n/*.log

Oracle logs

-- Enable query auditing (traditional auditing syntax; with unified auditing
-- use CREATE AUDIT POLICY / AUDIT POLICY instead)
AUDIT SELECT TABLE BY n8n_user BY ACCESS;

Indicators:

  • Queries containing UNION SELECT from the n8n Oracle account
  • Massive reads from tables outside the workflow's usual scope
  • Abnormal request volume coming from n8n

Mitigation and Patch

Immediate action: patch

# 1.x branch
docker pull n8nio/n8n:1.123.32

# 2.17.x branch
docker pull n8nio/n8n:2.17.4

# 2.18.x branch
docker pull n8nio/n8n:2.18.1

# Point the image tag in docker-compose.yml at the pulled version, then restart
docker compose up -d

Workaround if patching is delayed

  1. Audit and temporarily disable every workflow passing external input to the Oracle node Limit field
  2. Convert expressions to fixed values: replace {{ $json.limit }} with a hard value (10, 100)
  3. Add a Function node before the Oracle node that validates and coerces the limit to an integer:
// Function node (legacy Function node API: `items` holds the incoming items)
// parseInt stops at the first non-digit, so "10 UNION ..." parses as 10; that is
// acceptable only because the integer, not the original string, is what this node
// outputs. The downstream Oracle node must reference this node's output
// ({{ $json.limit }} from here), not the webhook item.
const limit = parseInt(items[0].json.limit, 10);
if (isNaN(limit) || limit < 1 || limit > 1000) {
  throw new Error("Invalid limit");
}
return [{ json: { limit } }];

Long-term hardening post-patch

  • Limit Oracle account privileges used by n8n to the strict minimum (SELECT on required tables only, no SYS, no DBMS_SCHEDULER)
  • Enable Oracle auditing on the n8n account
  • Put a WAF in front of public n8n webhooks
  • Rotate Oracle credentials used by n8n
  • Review Oracle query history for the last 30 days to detect any prior exfiltration

Why Continuous Monitoring of Automation Tools Matters

Low-code tools like n8n, Make, self-hosted Zapier, or Apache Airflow often connect critical databases to external inputs (webhook, form, scraping). A CVE like this one doesn't compromise the tool itself but the data it handles — an angle often ignored by traditional vulnerability scanners.

With cveo.tech, inventory your automation and orchestration platforms alongside your servers and databases, and get automatic alerts the moment a critical CVE targets one of your exact versions — so you patch before your legitimate workflows turn into exfiltration vectors.
