A vulnerability described as problematic has been identified in n8n-io n8n up to 1.123.54/2.25.6/2.26.1 . This affects an unknown function of the component webhookId Handler . Executing a manipulation can lead to cross site scripting. The identification of this vulnerability is CVE-2026-54302 . The attack may be launched remotely. There is no exploit available. Upgrading the affected component is recommended.