n8n Unsafe Workflow Expression Evaluation Allows Remote Code Execution

n8n contains a critical Remote Code Execution RCE vulnerability in its workflow Expression evaluation system. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An...

CVE-2026-1470

n8n contains a critical Remote Code Execution RCE vulnerability in its workflow Expression evaluation system. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An...

CVE-2026-1470

CVE-2026-1470 affects n8n: a critical Remote Code Execution in the workflow Expression evaluation system where expressions from authenticated users are evaluated in a runtime context that isn’t sufficiently isolated. This allows an authenticated attacker to execute arbitrary code with the n8n pro...

EUVD-2026-4839

n8n contains a critical Remote Code Execution RCE vulnerability in its workflow Expression evaluation system. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An...

CVE-2025-68613

n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution RCE vulnerability in their workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated...

PT-2025-52530

Name of the Vulnerable Software and Affected Versions n8n versions 0.211.0 through 1.120.3 Description n8n, an open-source workflow automation platform, is affected by a critical Remote Code Execution RCE vulnerability CVE-2025-68613 with a CVSS score of 9.9. This flaw stems from an expression...

n8n 安全漏洞

n8n is a scalable workflow automation tool from n8n open source. A security vulnerability exists in n8n versions 0.211.0 through 1.120.4, 1.121.1, and prior to 1.122.0, which stems from insufficient isolation of the Workflow Expression Evaluation System, and could lead to remote code execution...