PT-2025-53605 · Pyodide · n8n

Credit: Berkdedekarginoglu (+1)

Published 2025-12-24 · Updated 2026-01-13

CVE-2025-68668

CVSS v3.1: 9.9
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
n8n versions 1.0.0 through 1.111.0

Description
n8n, an open-source workflow automation platform, contains a sandbox bypass vulnerability in the Python Code Node that utilizes Pyodide. An authenticated user with the ability to create or modify workflows can exploit this flaw to execute arbitrary commands on the host system, with the same privileges as the n8n process. This vulnerability, tracked as CVE-2025-68668, has a CVSS score of 9.9 (Critical). The issue stems from a protection mechanism failure within the Python Code Node's sandbox. Exploitation involves leveraging the sandbox bypass to gain access to the underlying operating system. Workarounds include disabling the Code Node via the environment variable NODES_EXCLUDE, disabling Python support using the environment variable N8N_PYTHON_ENABLED, or configuring n8n to use the task runner-based Python sandbox via the N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER environment variables.

Recommendations
Upgrade to n8n version 2.0.0 or later. As a temporary workaround, set the environment variable NODES_EXCLUDE to ["n8n-nodes-base.code"] to disable the Code Node. If using n8n version 1.104.0 or later, set the environment variable N8N_PYTHON_ENABLED to false to disable Python support in the Code Node. Configure n8n to use the task runner-based Python sandbox by setting the N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER environment variables.
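The following POSIX shell check is an added example and is not part of this advisory or of the n8n project. It turns the affected version range and the workarounds listed above into a single verdict for a deployment, and it flags the case the advisory calls out, where N8N_PYTHON_ENABLED=false is set on a version older than 1.104.0 and therefore has no effect. Version strings are assumed to be three dot-separated integers.

```shell
#!/bin/sh
# Added example, not part of the advisory or of n8n itself: decide whether an
# n8n deployment is still exposed to CVE-2025-68668, using only the version
# range and the environment variables the advisory names. Versions are assumed
# to be three dot-separated integers (e.g. 1.111.0).

# version_ge A B: exit 0 when version A is greater than or equal to B.
version_ge() {
  a1=${1%%.*}; r=${1#*.}; a2=${r%%.*}; a3=${r#*.}
  b1=${2%%.*}; r=${2#*.}; b2=${r%%.*}; b3=${r#*.}
  [ "$a1" -gt "$b1" ] && return 0
  [ "$a1" -lt "$b1" ] && return 1
  [ "$a2" -gt "$b2" ] && return 0
  [ "$a2" -lt "$b2" ] && return 1
  [ "$a3" -ge "$b3" ]
}

# n8n_cve_2025_68668_status VERSION NODES_EXCLUDE N8N_PYTHON_ENABLED \
#     N8N_RUNNERS_ENABLED N8N_NATIVE_PYTHON_RUNNER
# Prints one verdict line; exit 0 when fixed or mitigated, 1 when exposed.
n8n_cve_2025_68668_status() {
  ver=$1; nodes_exclude=$2; py_enabled=$3; runners=$4; native=$5
  if version_ge "$ver" "2.0.0"; then
    echo "fixed: n8n $ver is 2.0.0 or later"; return 0
  fi
  case "$nodes_exclude" in
    *n8n-nodes-base.code*)
      echo "mitigated: Code Node disabled via NODES_EXCLUDE"; return 0 ;;
  esac
  if [ "$py_enabled" = "false" ]; then
    if version_ge "$ver" "1.104.0"; then
      echo "mitigated: Python disabled in the Code Node (N8N_PYTHON_ENABLED=false)"
      return 0
    fi
    # The advisory only lists this workaround for 1.104.0 and later.
    echo "note: N8N_PYTHON_ENABLED is only honoured from 1.104.0; $ver ignores it"
  fi
  if [ "$runners" = "true" ] && [ "$native" = "true" ]; then
    echo "mitigated: task runner-based Python sandbox in use"; return 0
  fi
  echo "EXPOSED: n8n $ver still serves the Pyodide Code Node; upgrade to 2.0.0 or apply a workaround"
  return 1
}

# Constructed sample configurations (not real deployments).
n8n_cve_2025_68668_status "1.111.0" "" "" "" "" || :
n8n_cve_2025_68668_status "1.111.0" '["n8n-nodes-base.code"]' "" "" "" || :
n8n_cve_2025_68668_status "1.100.0" "" "false" "" "" || :
```

To check a live instance, pass the running version and the values of the four environment variables as seen by the n8n process, not the values in a shell that may differ from the container's environment.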

Fix · RCE

Weakness Enumeration
Protection Mechanism Failure

Related Identifiers
BDU:2026-00123
CVE-2025-68668

Affected Products
Pyodide
n8n