Critical n8n Vulnerability Threatens Workflow Automation Security

High-Stakes Security Flaw Shakes the n8n Community

Get All The Latest to Your Inbox!

A newly revealed vulnerability in n8n, a leading open-source workflow automation tool, has sent shockwaves through the cybersecurity world. With a severity score of 9.9 out of 10 on the CVSS scale, this flaw could allow authenticated users to run arbitrary operating system commands, putting countless automation platforms in jeopardy.

Inside CVE-2025-68668: The "N8scape" Vulnerability

Dubbed CVE-2025-68668 or "N8scape," this issue was uncovered by Cyera Research Labs and affects n8n versions 1.0.0 up to, but not including, 2.0.0. The problem stems from a protection mechanism failure in n8n's Python Code Node, which leverages Pyodide for code execution. This flaw lets any authenticated user with workflow editing rights exploit the system, potentially leading to deep server access, data breaches, or service outages.

Technical Insights and Risk Analysis

The vulnerability involves a "sandbox bypass" in the Python Code Node.
Attackers must be authenticated and have privileges to modify workflows, which reduces but does not eliminate the risk.
All deployments running vulnerable versions are exposed unless mitigations or updates are applied.

n8n acted swiftly, rolling out version 2.0.0 that addresses the exploit by defaulting to a more secure Python task runner.

How to Protect Your n8n Deployment
For teams unable to upgrade immediately, n8n recommends several critical steps:
Disable the Code Node: Set the NODES_EXCLUDE environment variable to block access.

Turn off Python support: Use N8N_PYTHON_ENABLED=false to prevent Python code execution.

Adopt the task runner-based sandbox: Configure N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER for enhanced security.

Since version 1.111.0, this task runner isolation has been available, but it is now mandatory in 2.0.0 and above.

A Pattern of Security Challenges

This incident follows another recent n8n vulnerability (CVE-2025-68613), also enabling arbitrary code execution. These back-to-back critical flaws spotlight the importance of continuous security audits for automation platforms and reinforce the need for robust DevOps practices.

Act Now to Secure Your Workflows

n8n administrators should prioritize upgrading to version 2.0.0 or newer without delay. If an upgrade isn't feasible, implementing the recommended mitigations is vital to reduce exposure. This episode underscores that even tools simplifying business processes can harbor significant risks if not diligently maintained and monitored.

Source: The Hacker News & CVE

in News

# automation cybersecurity DevOps n8n open source Python remote code execution vulnerability

Source: https://thehackernews.com/2026/01/new-n8n-vulnerability-99-cvss-lets.html?m=1

Joshua Berkowitz January 27, 2026

Views 660

Share this post

blogs

Our latest content

Check out what's new !

See all

Ads

Prompt Maker Image Generator

Struggling with the perfect AI image prompt? My free app helps you generate brilliant ideas and instantly creates an image to match. Go from concept to creation in two clicks!

Try It

Most Popular Articles

Check out what the hot topics are!