CVE-2026-25056

CVSS v4.0

9.4

Critical

Vector

AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.118.0 n8n versions prior to 2.4.0

Description n8n is a workflow automation platform. A flaw in the Merge node’s SQL Query mode permitted authenticated users with workflow creation or modification rights to write arbitrary files to the n8n server’s filesystem, potentially resulting in remote code execution. The issue affects users with the ability to create or modify workflows.

Recommendations Update to n8n version 1.118.0 or later. Update to n8n version 2.4.0 or later.

Exploit

Fix

RCE

Unrestricted File Upload

Protection Mechanism Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434CWE-693

Related Identifiers

BDU:2026-02171

CVE-2026-25056

GHSA-HV53-3329-VMRM

Affected Products

N8N

CVE-2026-25056

Weakness Enumeration

Related Identifiers

Affected Products

References · 12