New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

Posted on By CWS

Jan 06, 2026Ravie LakshmananVulnerability / DevOps
A brand new crucial safety vulnerability has been disclosed in n8n, an open-source workflow automation platform, that would allow an authenticated attacker to execute arbitrary system instructions on the underlying host.
The vulnerability, tracked as CVE-2025-68668, is rated 9.9 on the CVSS scoring system. It has been described as a case of a safety mechanism failure.
It impacts n8n variations from 1.0.0 as much as, however not together with, 2.0.0, and permits an authenticated person with permission to create or modify workflows to execute arbitrary working system instructions on the host operating n8n. The problem has been addressed in model 2.0.0.
“A sandbox bypass vulnerability exists within the Python Code Node that makes use of Pyodide,” an advisory for the flaw states. “An authenticated person with permission to create or modify workflows can exploit this vulnerability to execute arbitrary instructions on the host system operating n8n, utilizing the identical privileges because the n8n course of.”

N8n mentioned it had launched process runner-based native Python implementation in model 1.111.0 as an optionally available characteristic for improved safety isolation. The characteristic might be enabled by configuring the N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER atmosphere variables. With the discharge of model 2.0.0, the implementation has been made the default.
As workarounds, n8n is recommending that customers observe the outlined steps beneath –

Disable the Code Node by setting the atmosphere variable NODES_EXCLUDE: “[“n8n-nodes-base.code”]”
Disable Python help within the Code node by setting the atmosphere variable N8N_PYTHON_ENABLED=false
Configure n8n to make use of the duty runner-based Python sandbox through the N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER atmosphere variables

The disclosure comes as n8n addressed one other crucial vulnerability (CVE-2025-68613, CVSS rating: 9.9) that would end in arbitrary code execution below sure circumstances.

The Hacker News Tags:, , , , , , , ,

Related Posts

MuddyWater Deploys UDPGangster Backdoor in Targeted Turkey-Israel-Azerbaijan Campaign MuddyWater Deploys UDPGangster Backdoor in Targeted Turkey-Israel-Azerbaijan Campaign The Hacker News
Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery The Hacker News
Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year The Hacker News
FBI Warns of Rising ATM Jackpotting Losses Exceeding M FBI Warns of Rising ATM Jackpotting Losses Exceeding $20M The Hacker News
Helping CISOs Speak the Language of Business Helping CISOs Speak the Language of Business The Hacker News
Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data The Hacker News