PT-2026-4918 · N8N · N8N

Natan Nehorai · Published 2026-01-27 · Updated 2026-01-30 · CVE-2026-1470

CVSS v3.1: 9.9

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

n8n and Affected Versions

n8n (affected versions not specified)

Description

n8n is affected by a critical Remote Code Execution (RCE) issue within its workflow Expression evaluation system. Authenticated users who supply expressions during workflow configuration may be able to execute arbitrary code in a context that lacks sufficient isolation from the underlying runtime. An attacker could exploit this to execute code with the privileges of the n8n process, potentially leading to a full compromise of the instance, including unauthorized data access, workflow modification, and system-level operations. Reports indicate approximately 599,000 to 981,000 potentially exposed instances. The issue stems from an eval injection vulnerability that allows bypassing the Expression sandbox. The vulnerability is identified as CVE-2026-1470 and has a CVSS score of 9.9.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Eval Injection

Weakness Enumeration

Related Identifiers

CVE-2026-1470
GHSA-5XRP-6693-JJX9

Affected Products

N8N