Cyber Web Spider Blog – News

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands


Posted on January 6, 2026 By CWS

Jan 06, 2026 | Ravie Lakshmanan | Vulnerability / DevOps
A new critical security vulnerability has been disclosed in n8n, an open-source workflow automation platform, that could enable an authenticated attacker to execute arbitrary system commands on the underlying host.
The vulnerability, tracked as CVE-2025-68668, is rated 9.9 on the CVSS scoring system. It has been described as a case of a protection mechanism failure.
It affects n8n versions from 1.0.0 up to, but not including, 2.0.0, and allows an authenticated user with permission to create or modify workflows to execute arbitrary operating system commands on the host running n8n. The issue has been addressed in version 2.0.0.
"A sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide," an advisory for the flaw states. "An authenticated user with permission to create or modify workflows can exploit this vulnerability to execute arbitrary commands on the host system running n8n, using the same privileges as the n8n process."

n8n said it had introduced a task runner-based native Python implementation in version 1.111.0 as an optional feature for improved security isolation. The feature can be enabled by configuring the N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER environment variables. With the release of version 2.0.0, the implementation has been made the default.
As workarounds, n8n is recommending that users follow the steps outlined below:

  • Disable the Code Node by setting the environment variable NODES_EXCLUDE: "[\"n8n-nodes-base.code\"]"
  • Disable Python support in the Code node by setting the environment variable N8N_PYTHON_ENABLED=false
  • Configure n8n to use the task runner-based Python sandbox via the N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER environment variables
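
The version range and workarounds above can be turned into an exposure check for an inventory of n8n instances. This is an added example, not code from n8n or from the advisory; the function names and status labels are hypothetical, and it assumes the two runner variables are enabled with the value "true".

```python
import json
import re

# Version boundaries as stated in the article.
FIRST_AFFECTED = (1, 0, 0)
FIXED = (2, 0, 0)
RUNNER_SINCE = (1, 111, 0)  # native Python task runner first available
CODE_NODE = "n8n-nodes-base.code"


def parse_version(text):
    """Return (major, minor, patch) from a string such as '1.110.1'."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(part) for part in m.groups())


def is_true(env, name):
    # Assumption: boolean settings are switched on with the string "true".
    return env.get(name, "").strip().lower() == "true"


def code_node_excluded(env):
    """NODES_EXCLUDE carries a JSON array of node type names."""
    try:
        excluded = json.loads(env.get("NODES_EXCLUDE", "[]"))
    except json.JSONDecodeError:
        return False  # unparsable value: do not count it as a mitigation
    return isinstance(excluded, list) and CODE_NODE in excluded


def assess(version, env):
    """Return (status, reason) for one instance's version and environment."""
    v = parse_version(version)
    if v >= FIXED:
        return "patched", "version 2.0.0 or later"
    if v < FIRST_AFFECTED:
        return "not-affected", "older than 1.0.0"
    if code_node_excluded(env):
        return "mitigated", "Code node excluded via NODES_EXCLUDE"
    if env.get("N8N_PYTHON_ENABLED", "").strip().lower() == "false":
        return "mitigated", "Python disabled in the Code node"
    if (v >= RUNNER_SINCE and is_true(env, "N8N_RUNNERS_ENABLED")
            and is_true(env, "N8N_NATIVE_PYTHON_RUNNER")):
        return "mitigated", "task runner-based Python sandbox enabled"
    return "exposed", "affected version with no workaround applied"
```

Setting the runner variables on a release older than 1.111.0 is reported as exposed, because the task runner-based implementation only exists from that version onward.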

The disclosure comes as n8n addressed another critical vulnerability (CVE-2025-68613, CVSS score: 9.9) that could result in arbitrary code execution under certain circumstances.

Category: The Hacker News
