Critical Vulnerabilities in n8n Workflow Automation Platform Expose Systems to Remote Code Execution
The n8n workflow automation platform, widely utilized for connecting applications and automating tasks, has been found to contain critical security vulnerabilities that could allow attackers to execute arbitrary code remotely. These flaws, identified by cybersecurity researchers, pose significant risks to organizations relying on n8n for their automation needs.
Overview of the Vulnerabilities
Two primary vulnerabilities have been disclosed:
1. CVE-2026-1470: This vulnerability, with a CVSS score of 9.9, is an eval injection flaw that enables authenticated users to bypass the Expression sandbox mechanism. By passing specially crafted JavaScript code, attackers can achieve full remote code execution on n8n’s main node.
2. CVE-2026-0863: With a CVSS score of 8.5, this eval injection vulnerability allows authenticated users to circumvent n8n’s python-task-executor sandbox restrictions. This bypass permits the execution of arbitrary Python code on the underlying operating system.
Exploitation of these vulnerabilities could lead to complete control over an n8n instance, even when operating under internal execution mode. The n8n documentation advises against using internal mode in production environments due to potential security risks and recommends switching to external mode to ensure proper isolation between n8n and task runner processes.
Potential Impact
Given n8n’s role in automating workflows across organizations, it often has access to critical tools, functions, and data, including LLM APIs, sales data, and internal IAM systems. A successful attack exploiting these vulnerabilities could provide malicious actors with a skeleton key to an organization’s core infrastructure, leading to unauthorized access, data breaches, and potential system disruptions.
Mitigation Measures
To address these vulnerabilities, users are strongly advised to update their n8n instances to the following versions:
– CVE-2026-1470: Update to versions 1.123.17, 2.4.5, or 2.5.1.
– CVE-2026-0863: Update to versions 1.123.14, 2.3.5, or 2.4.2.
These updates contain patches that rectify the identified vulnerabilities, enhancing the security posture of the n8n platform.
Broader Context
These disclosures come shortly after the identification of another critical vulnerability in n8n, known as Ni8mare (CVE-2026-21858), which allows unauthenticated remote attackers to gain complete control over susceptible instances. As of late January 2026, over 39,000 n8n instances remain vulnerable to this flaw, underscoring the urgency for organizations to apply security updates promptly.
Technical Insights
The vulnerabilities highlight the challenges in securely sandboxing dynamic, high-level languages such as JavaScript and Python. Despite multiple validation layers and security controls, subtle language features and runtime behaviors can be exploited to bypass security mechanisms. In these cases, deprecated constructs and specific interpreter behaviors were sufficient to escape restrictive sandboxes and achieve remote code execution.
Recommendations for Organizations
Organizations utilizing n8n should take the following steps:
1. Immediate Updates: Ensure that all n8n instances are updated to the latest versions that address the identified vulnerabilities.
2. Review Execution Modes: Evaluate the execution mode of n8n deployments. Avoid using internal execution mode in production environments due to associated security risks.
3. Monitor for Unusual Activity: Implement monitoring to detect any unauthorized access or unusual activity within n8n instances.
4. Restrict Access: Limit access to n8n instances to trusted users and networks.
5. Regular Security Audits: Conduct periodic security assessments to identify and mitigate potential vulnerabilities in the automation infrastructure.
By proactively addressing these vulnerabilities and implementing robust security practices, organizations can safeguard their automation workflows and protect sensitive data from potential cyber threats.
