CVE-2026-25049

CRITICAL9.4

Description

n8n is an open source workflow automation platform. Prior to versions 1.123.17 and 2.5.2, an authenticated user with permission to create or modify workflows could abuse crafted expressions in workflow parameters to trigger unintended system command execution on the host running n8n. This issue has been patched in versions 1.123.17 and 2.5.2.

CVSS breakdown

CVSS 4.0

Attack Vector

Network

Attack Complexity

Low

Attack Requirements

None

Privileges Required

Low

User Interaction

None

Confidentiality (Vulnerable System)

High

Integrity (Vulnerable System)

High

Availability (Vulnerable System)

High

Confidentiality (Subsequent System)

High

Integrity (Subsequent System)

High

Availability (Subsequent System)

High

Affected products

n8n-io / n8n< 1.123.17 – < 1.123.17
n8n-io / n8n< 2.5.2 – < 2.5.2

References

VENDOR_ADVISORYhttps://github.com/n8n-io/n8n/security/advisories/GHSA-6cqr-8cfr-67f8
PATCHhttps://github.com/n8n-io/n8n/commit/7860896909b3d42993a36297f053d2b0e633235d
PATCHhttps://github.com/n8n-io/n8n/commit/936c06cfc1ad269a89e8ef7f8ac79c104436d54b