A vulnerability described as critical has been identified in n8n-io n8n up to 2.19.x . This issue affects some unknown processing of the file /rest/dynamic-node-parameters/options . Such manipulation leads to server-side request forgery. This vulnerability is referenced as CVE-2026-56348 . It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is recommended.