n8n Exposes Servers To Remote Code Execution

n8n disclosed multiple expression-evaluation vulnerabilities (CVE-2026-25049) in a security advisory published Wednesday that could allow authenticated users to execute system commands and hijack servers. The flaws carry a CVSS score of 9.4 and follow a prior December 2025 RCE; maintainers and researchers say exploits can expose API keys and cloud/AI credentials. Patches are available and users are urged to update immediately, audit permissions, and rotate credentials.
Key Points
- 1Enable authenticated users to smuggle expressions that execute system commands on n8n hosts (CVE-2026-25049).
- 2Expose high-value credentials and AI/cloud keys due to workflows storing API tokens and session data.
- 3Require immediate patching, permission audits, and credential rotation to prevent cross-tenant and supply-chain compromise.
Scoring Rationale
High severity and confirmed vendor advisory drive score; impact concentrates on n8n deployments, though not universally across all automation platforms.
Sources
Public references used for this report.
Practice with real Retail & eCommerce data
90 SQL & Python problems · 15 industry datasets
250 free problems · No credit card
See all Retail & eCommerce problems
