A critical vulnerability has been found in n8n, the popular open-source workflow automation platform, enabling authenticated attackers to execute arbitrary commands on host systems.
The vulnerability, tracked as CVE-2025-68668, has been assigned a critical CVSS score of 9.9 out of 10, underscoring its high severity.
The security weakness stems from a sandbox-bypass issue in n8n's Python Code Node, which uses Pyodide for code execution.
This flaw allows authenticated users with workflow-creation or modification permissions to escape the intended security sandbox.
Attribute: Details
CVE ID: CVE-2025-68668
Package: n8n (npm)
Severity: Critical (9.9/10 CVSS)
Affected Versions: >= 1.0.0 and < 2.0.0
Vulnerability Type: Sandbox Bypass / Protection Mechanism Failure (CWE-693)
Attack Vector: Network
Impact: Arbitrary command execution on the host system
Successful exploitation allows an attacker to execute arbitrary commands directly on the host system running n8n, with the same privileges as the n8n process.
The vulnerability affects all n8n versions from 1.0.0 through 1.111.0, exposing a wide range of deployments to potential compromise.
The attack is low-complexity and requires no user interaction, requiring only network access and low-privilege authentication.
Exploiting CVE-2025-68668 can lead to full system compromise, as attackers can execute commands with the privileges of the n8n process.
The vulnerability's "Changed" scope classification indicates that the impact extends beyond the vulnerable component itself and may affect resources outside n8n's security scope.
The weakness is categorized as CWE-693 (Protection Mechanism Failure), indicating that n8n's security controls did not provide adequate protection against directed attacks targeting the Python execution environment.
n8n has addressed this critical vulnerability in version 2.0.0 by implementing a task-runner-based native Python execution model that provides stronger isolation.
Organizations running affected versions should upgrade to version 2.0.0 or later immediately. According to n8n advisories posted on GitHub, organizations unable to upgrade immediately can mitigate risk by applying temporary workarounds:
Disable the Code Node entirely by setting the NODES_EXCLUDE environment variable to exclude n8n-nodes-base.code. Disable Python support by setting the environment variable N8N_PYTHON_ENABLED=false (available from version 1.104.0).
Use a sandboxed Python execution model by enabling the task-runner-based Python sandbox through the N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER environment variables.
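As an added example, not part of the advisory or of n8n's own tooling: a POSIX shell helper that takes a deployment's n8n version and the environment variables named above and reports whether the Pyodide-based Python Code Node is still reachable. It assumes boolean variables are set literally to `true`/`false`, checks NODES_EXCLUDE by substring only, and treats N8N_PYTHON_ENABLED=false as ineffective on versions before 1.104.0, where the advisory says the variable is not available.

```shell
#!/bin/sh
# Assessment helper for CVE-2025-68668 (constructed example, not n8n code).
# Verdicts: not-affected | mitigated:<how> | VULNERABLE

# version_lt A B -> success if dotted numeric version A is lower than B
version_lt() {
  [ "$1" = "$2" ] && return 1
  lowest=$(printf '%s\n%s\n' "$1" "$2" | sort -t. -k1,1n -k2,2n -k3,3n | head -n1)
  [ "$lowest" = "$1" ]
}

# in_affected_range VERSION -> success if >= 1.0.0 and < 2.0.0 (advisory range)
in_affected_range() {
  ! version_lt "$1" 1.0.0 && version_lt "$1" 2.0.0
}

# assess VERSION NODES_EXCLUDE N8N_PYTHON_ENABLED N8N_RUNNERS_ENABLED N8N_NATIVE_PYTHON_RUNNER
# Prints a single verdict line; mitigations are checked in the advisory's order.
assess() {
  ver=$1; excl=$2; py=$3; runners=$4; native=$5
  if ! in_affected_range "$ver"; then
    echo not-affected; return 0
  fi
  # Workaround 1: Code Node excluded entirely (any NODES_EXCLUDE format containing the node id)
  case "$excl" in
    *n8n-nodes-base.code*) echo mitigated:code-node-disabled; return 0 ;;
  esac
  # Workaround 2: Python support switched off; only honoured from 1.104.0 onward
  if [ "$py" = false ] && ! version_lt "$ver" 1.104.0; then
    echo mitigated:python-disabled; return 0
  fi
  # Workaround 3: task-runner based native Python sandbox enabled
  if [ "$runners" = true ] && [ "$native" = true ]; then
    echo mitigated:native-runner; return 0
  fi
  echo VULNERABLE
}

# Stand-alone use: read the variables from the current environment.
# N8N_VERSION is a constructed name for this script; the real version comes from
# your deployment (package.json, image tag, or the n8n UI).
assess "${N8N_VERSION:-1.111.0}" "${NODES_EXCLUDE:-}" "${N8N_PYTHON_ENABLED:-}" \
       "${N8N_RUNNERS_ENABLED:-}" "${N8N_NATIVE_PYTHON_RUNNER:-}"
```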
