{"id":210498,"date":"2026-02-04T16:14:00","date_gmt":"2026-02-04T21:14:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/02\/04\/critical-n8n-flaws-disclosed-along-with-public-exploits\/"},"modified":"2026-02-05T19:25:25","modified_gmt":"2026-02-06T00:25:25","slug":"critical-n8n-flaws-disclosed-along-with-public-exploits","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/02\/04\/critical-n8n-flaws-disclosed-along-with-public-exploits\/","title":{"rendered":"Critical n8n flaws disclosed along with public exploits"},"content":{"rendered":"<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/critical-n8n-flaws-disclosed-along-with-public-exploits\/\">Critical n8n flaws disclosed along with public exploits<\/a><\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/critical-n8n-flaws-disclosed-along-with-public-exploits\/\">https:\/\/www.bleepingcomputer.com\/news\/security\/critical-n8n-flaws-disclosed-along-with-public-exploits\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-02-04 16:14:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.bleepingcomputer.com\">www.bleepingcomputer.com<\/a><\/p>\n<p style=\"text-align:center\">\n<p>Multiple critical vulnerabilities in the popular n8n open-source workflow automation platform allow escaping the confines of the environment and taking complete control of the host server.<\/p>\n<p>Collectively tracked as\u00a0CVE-2026-25049, the issues can be exploited by any authenticated user who can create or edit workflows on the platform to perform unrestricted remote code execution on the n8n server.<\/p>\n<p>Researchers at several cybersecurity companies reported the problems, which stem from n8n&#8217;s sanitization mechanism and bypass the patch for\u00a0CVE-2025-68613, another\u00a0critical flaw addressed on December 20.<\/p>\n<p> <img decoding=\"async\" src=\"https:\/\/www.bleepstatic.com\/c\/w\/MCP-Best-Practices-970x250.png\" alt=\"Wiz\" style=\"margin-top: 0px;\"\/><\/p>\n<p>According to Pillar Security, exploiting\u00a0CVE-2026-25049 enables complete compromise of the n8n instance and could be leveraged to run arbitrary system commands on the server,\u00a0steal all stored credentials, secrets (API keys, OAuth tokens), and sensitive configuration files.<\/p>\n<p>By exploiting the vulnerability, the researchers were also able to access the filesystem and internal systems, pivot to connected cloud accounts, and hijack AI workflows (intercept prompts, modify responses, redirect traffic).<\/p>\n<p>As n8n is a multi-tenant environment, accessing internal cluster services can potentially allow pivoting to other tenants\u2019 data.<\/p>\n<p>\u201cThe attack requires nothing special. If you can create a workflow, you can own the server,\u201d Pillar Security says in a report today.<\/p>\n<p><img decoding=\"async\" alt=\"Full attack chain\" height=\"600\" src=\"https:\/\/www.bleepstatic.com\/images\/news\/u\/1220909\/2026\/February\/attack-chain.png\" width=\"439\"\/><strong>Full attack chain<\/strong><br \/>Source: Pillar Security<\/p>\n<p>Pillar\u2019s report describes the problem as incomplete AST-based sandboxing and explains\u00a0that it arises from n8n\u2019s weak sandboxing of user-written server-side JavaScript expressions in workflows.<\/p>\n<p>On December 21, 2025, they demonstrated a chained bypass to the n8n team, allowing sandbox escape and access to the Node.js global object, leading to RCE.<\/p>\n<p>A fix was implemented two days later, but upon further analysis, Pillar found it incomplete, and a second escape via a different mechanism using equivalent operations remained possible.<\/p>\n<p>n8n&#8230;<\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/critical-n8n-flaws-disclosed-along-with-public-exploits\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Critical n8n flaws disclosed along with public exploits https:\/\/www.bleepingcomputer.com\/news\/security\/critical-n8n-flaws-disclosed-along-with-public-exploits\/ Publish Date: 2026-02-04 16:14:00 Source Domain:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":210499,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.bleepstatic.com\/content\/hl-images\/2026\/01\/12\/n8n-headpic.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,27],"class_list":["post-210498","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/210498"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=210498"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/210498\/revisions"}],"predecessor-version":[{"id":210500,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/210498\/revisions\/210500"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/210499"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=210498"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=210498"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=210498"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}