CVE-2026-25049

Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.17 n8n versions prior to 2.5.2

Description n8n is an open-source workflow automation platform. An authenticated user with permission to create or modify workflows can exploit crafted expressions in workflow parameters to trigger system command execution on the host running n8n. This allows for potential full server compromise, including the theft of API keys, credentials, and secrets. The issue stems from an expression escape vulnerability and incomplete AST-based sanitization. Public exploits are available.

Recommendations Upgrade to n8n version 1.123.17 or later. Upgrade to n8n version 2.5.2 or later. As a temporary workaround, limit workflow creation and editing permissions to fully trusted users only. Deploy n8n in a hardened environment with restricted operating system privileges and network access.