CVE-2026-1470 Authenticated users can bypass the Expression sandbox mechanism to achieve full remote code execution on n8n’s main node.
n8n contains a critical Remote Code Execution RCE vulnerability in its workflow Expression evaluation system. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An...