Critical Security Vulnerability Discovered in n8n Workflow Automation Platform
A significant security vulnerability has been identified in the n8n workflow automation platform, posing a serious risk of arbitrary command execution on affected systems. Tracked as CVE-2026-25049 and rated with a CVSS score of 9.4, this flaw results from insufficient validation measures, circumventing previous protections established for another severe vulnerability, CVE-2025-68613, which was patched in December 2025.
The n8n team acknowledged the discovery of this critical flaw in an advisory issued Wednesday, highlighting that an authenticated user with permissions to create or modify workflows could exploit specially crafted expressions within workflow parameters. This exploitation could lead to unintended system command execution on the server hosting n8n.
The vulnerability particularly affects n8n versions earlier than 1.123.17 and 2.5.2, creating significant risks for users still operating on older versions. Cybersecurity researchers, including the original reporter of CVE-2025-68613, Fatih Çelik, and experts from Endor Labs and Pillar Security, have been recognized for their contributions to identifying and detailing this issue.
In an in-depth analysis, Çelik noted that CVE-2026-25049 essentially serves as a bypass for the initial vulnerability fix, allowing attackers to circumvent the n8n expression sandboxing mechanisms. Given the platform’s reliance on webhooks, an attacker could create a publicly accessible workflow without authentication. By cleverly manipulating JavaScript syntax in the workflow, an attacker can execute system-level commands remotely, thereby posing grave risks to any exposed infrastructure.
The potential impact of this vulnerability is considerable. Malicious actors could compromise servers, steal credentials, exfiltrate sensitive data, and install persistent backdoors for long-term access. By leveraging n8n’s webhook capabilities, threat actors can create workflows that execute arbitrary commands, increasing the severity of the attack exponentially once exposed to the internet.
Pillar Security highlighted that the lack of robust controls allows attackers elaborate access to API keys, cloud provider credentials, and various sensitive systems. As stated in their report, without stringent checks in place, creating a workflow effectively gives an attacker ownership of the server.
Endor Labs further elaborated on the mechanics behind the vulnerability, pointing out the disconnect between TypeScript’s static type enforcement and JavaScript’s dynamic runtime behavior. While TypeScript may check types during compilation, it fails to handle values produced at runtime by an attacker, enabling malicious actors to bypass sanitization checks entirely.
For operators of n8n, immediate updates to the latest versions are critical for ensuring optimal security. In cases where immediate patching is impractical, they are advised to limit access to trusted users only, deploy n8n in hardened environments, and implement strict network access controls to mitigate the risk of exploitation.
In addition to CVE-2026-25049, n8n has reported 11 other vulnerabilities, five of which have also been marked as critical. These vulnerabilities expose systems to various severe risks, ranging from command injection and cross-site scripting to path traversal and SQL injection attacks.
Considering the unique flexibility and power of n8n, the implications of these vulnerabilities are particularly high. Rapidly resolving these issues is paramount for business owners who depend on automation tools to streamline operations while safeguarding against potential cybersecurity threats.
Analysis of Adversary Tactics and Techniques
This vulnerability aligns with several tactics outlined in the MITRE ATT&CK framework, notably under categories such as initial access, where unauthorized execution of system commands could occur, and privilege escalation, potentially allowing attackers to gain further system access or control. The combination of these vulnerabilities could ultimately lead to complete environments being compromised, thereby amplifying the urgency for timely updates and vigilant security practices among users.