Critical n8n Flaw Enables System Command Execution
A new, critical security vulnerability has been disclosed in the n8n workflow automation platform. The flaw, tracked as CVE-2026-25049 (CVSS score: 9.4), could result in the execution of arbitrary system commands if successfully exploited.
The vulnerability is caused by inadequate sanitization, which bypasses safeguards put in place to address CVE-2025-68613 (CVSS score: 9.9), another critical defect that was previously discovered.
- Vulnerability: CVE-2026-25049
- CVSS Score: 9.4
- Previous Vulnerability: CVE-2025-68613
- CVSS Score (Previous): 9.9
It is essential for users of the n8n workflow automation platform to take immediate action to protect themselves from potential attacks. This includes updating to the latest version of the platform and being cautious when executing workflows from untrusted sources.
Building a secure digital future, one student at a time.
Recent Comments
No comments on this post yet. Be the first to comment 🙂