[CIVN-2026-0062] Multiple Remote Code Execution Vulnerabilities in n8n

Published On: January 30, 2026

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Multiple Remote Code Execution Vulnerabilities in n8n 
Indian – Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: CRITICAL
Software Affected
n8n versions prior to 1.123.17
n8n versions prior to 2.4.5
n8n versions prior to 2.5.1
n8n versions prior to 1.123.14
n8n versions prior to 2.3.5
n8n versions prior to 2.4.2
Overview
Multiple vulnerabilities have been reported in the n8n workflow automation platform, which could allow an attacker to execute arbitrary code on the affected system.
 
Target Audience:
All end-user organizations responsible for deploying, securing, and maintaining n8n.
Risk Assessment:
Very high risk of remote code execution and system compromise.
Impact Assessment:
Potential for unauthorized access, full system takeover, exposure of credentials and sensitive data.
Description
n8n is an open-source workflow automation platform that lets users build and run integrations and automations across applications using low-code and custom scripts.
These vulnerabilities exist in the n8n workflow automation platform due to eval injection caused by insufficient sandbox isolation in its JavaScript expression engine and Python task execution environment. An attacker could exploit these vulnerabilities by executing specially crafted code that escapes the sandbox.
Successful exploitation of these vulnerabilities could allow the attacker to execute arbitrary code leading to full compromise of the n8n instance, exposure of sensitive data and credentials, or potential lateral movement to connected systems.
Solution
Apply appropriate security updates as mentioned in
https://n8n.io/legal/security/
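As an added example (not part of the CERT-In advisory or n8n's own code), the following JavaScript checks an installed n8n version string against the "versions prior to" entries listed under Software Affected. It assumes each entry applies to its own major.minor release line, which the advisory does not state; an empty result means only that the version is not below an entry listed for its line, and the vendor page above remains authoritative for which fix covers which CVE.

```javascript
// Added example: triage an n8n version string against the advisory's
// "versions prior to" entries. Comparing only within one major.minor
// release line is an assumption of this sketch, not stated by CERT-In.
const ADVISORY_THRESHOLDS = [
  "1.123.17", "2.4.5", "2.5.1", "1.123.14", "2.3.5", "2.4.2",
];

// Parse "2.4.1" or "v2.4.1" into [major, minor, patch]. Pre-release tags
// are rejected rather than guessed at.
function parseVersion(text) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)$/.exec(String(text).trim());
  if (!m) throw new Error(`unrecognised n8n version: ${text}`);
  return m.slice(1, 4).map(Number);
}

// Negative, zero or positive, like a sort comparator.
function compareVersions(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] - b[i];
  }
  return 0;
}

// Returns the advisory entries (ascending) that the installed version is below.
function unmetThresholds(installed) {
  const v = parseVersion(installed);
  const all = ADVISORY_THRESHOLDS.map((t) => ({ text: t, parts: parseVersion(t) }));
  const onLine = all.filter((t) => t.parts[0] === v[0] && t.parts[1] === v[1]);
  // Release lines the advisory does not name are compared against every
  // entry in the same major version (a conservative choice of this sketch).
  const candidates = onLine.length ? onLine : all.filter((t) => t.parts[0] === v[0]);
  return candidates
    .filter((t) => compareVersions(v, t.parts) < 0)
    .sort((x, y) => compareVersions(x.parts, y.parts))
    .map((t) => t.text);
}

function triage(installed) {
  const unmet = unmetThresholds(installed);
  return { version: installed, needsUpdate: unmet.length > 0, unmet };
}

// Constructed sample versions, not taken from any real deployment.
for (const sample of ["1.123.15", "2.4.5", "2.2.0", "2.5.1"]) {
  console.log(JSON.stringify(triage(sample)));
}
```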
Vendor Information
n8n
https://n8n.io/
References
 
https://github.com/advisories/GHSA-5xrp-6693-jjx9
https://github.com/advisories/GHSA-j6wg-29xj-2fjf
https://research.jfrog.com/vulnerabilities/n8n-expression-node-rce/
https://research.jfrog.com/vulnerabilities/n8n-python-runner-sandbox-escape-jfsa-2026-001651077/
CVE Name
CVE-2026-1470
CVE-2026-0863
- --
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax : 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----