If you discover a security vulnerability, please report it responsibly via GitHub Security Advisories rather than opening a public issue.
We will acknowledge receipt within 48 hours and aim to provide a fix or mitigation plan within 7 days.
This policy covers the n8n-cli codebase. Issues with the n8n platform itself should be reported to n8n directly.