Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution

Staff Editor 2026-01-28
Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution

Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution

https://thehackernews.com/2026/01/two-high-severity-n8n-flaws-allow.html

Publish Date: 2026-01-28 07:43:00

Source Domain: thehackernews.com

Ravie LakshmananJan 28, 2026Vulnerability / Workflow Automation

Cybersecurity researchers have disclosed two new security flaws in the n8n workflow automation platform, including a crucial vulnerability that could result in remote code execution.

The weaknesses, discovered by the JFrog Security Research team, are listed below –

  • CVE-2026-1470 (CVSS score: 9.9) – An eval injection vulnerability that could allow an authenticated user to bypass the Expression sandbox mechanism and achieve full remote code execution on n8n’s main node by passing specially crafted JavaScript code
  • CVE-2026-0863 (CVSS score: 8.5) – An eval injection vulnerability that could allow an authenticated user to bypass n8n’s python-task-executor sandbox restrictions and run arbitrary Python code on the underlying operating system

Successful exploitation of the flaws could permit an attacker to hijack an entire n8n instance, including under scenarios where it’s operating under “internal” execution mode. In its documentation, n8n notes that using internal mode in production environments can pose a security risk, urging users to switch to external mode to ensure proper isolation between n8n and task runner processes.

Cybersecurity

“As n8n spans an entire organization to automate AI workflows, it holds the keys to core tools, functions, and data from infrastructure, including LLM APIs, sales data, and internal IAM systems, among others,” JFrog said in a statement shared with The Hacker News. “This results in escapes giving a hacker an effective “skeleton key” to the entire corporation.”

To address the flaws, users are advised to update to the following versions –

  • CVE-2026-1470 – 1.123.17, 2.4.5, or 2.5.1
  • CVE-2026-0863 – 1.123.14, 2.3.5, or 2.4.2

The development comes merely weeks after Cyera Research Labs detailed a maximum-severity security flaw in n8n (CVE-2026-21858 aka Ni8mare) that allows an unauthenticated remote attacker to gain complete control over susceptible instances.

“These…

Source

More Stories

Mountain Rides resolves cybersecurity threat | Transportation

Mountain Rides resolves cybersecurity threat | Transportation

Staff Editor 2026-06-05
NICC offers new computing and cybersecurity program for high school students | 97 Seven Country WGLR – The Tri-States Best Variety of Country

NICC offers new computing and cybersecurity program for high school students | 97 Seven Country WGLR – The Tri-States Best Variety of Country

Staff Editor 2026-06-05
Ashley Devoto Named Air Force CIO

Ashley Devoto Named Air Force CIO

Staff Editor 2026-06-05

Terms and Conditions - Privacy Policy