CVE-2026-25049

Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.17 n8n versions prior to 2.5.2

Description n8n is an open source workflow automation platform. A flaw exists where an authenticated user with workflow creation or modification permissions can exploit crafted expressions within workflow parameters to trigger arbitrary system command execution on the host system. This vulnerability bypasses prior fixes and allows for potential remote code execution, potentially leading to credential theft and full host compromise. Public webhooks can be exploited to trigger remote execution.

Recommendations Upgrade n8n to version 1.123.17 or later. Upgrade n8n to version 2.5.2 or later. If upgrading is not immediately possible, limit workflow creation and editing permissions to fully trusted users only. Deploy n8n in a hardened environment with restricted operating system privileges and network access.