What's Happening?
A critical vulnerability has been identified in the n8n AI workflow automation platform, which could enable attackers to execute arbitrary commands on the server. This vulnerability, tracked as CVE-2026-25049 with a CVSS score of 9.4, affects the platform's sandbox sanitization routine that evaluates JavaScript expressions. Pillar Security discovered that the sandbox's sanitizer could be bypassed using JavaScript expressions with template literals, arrow functions, and specific stack frame objects. This flaw allows attackers to escape the sandbox and execute commands on the server, leading to a full server compromise. Attackers could access environment variables, stored credentials, API and cloud keys, OAuth tokens, and configuration files.
The vulnerability was reported to n8n on December 21, and a fix was implemented two days later. However, Pillar Security found that the patch could be bypassed using function arguments, which were not sanitized. The issue was fully addressed in n8n version 2.4.0, and users are advised to update their instances immediately.
Why It's Important?
The discovery of this vulnerability highlights significant security risks associated with AI workflow automation platforms like n8n. The ability for attackers to execute arbitrary commands and access sensitive data poses a severe threat to organizations using the platform. This could lead to unauthorized access to cloud accounts, hijacking of AI pipelines, and redirection of traffic, potentially causing substantial operational disruptions and data breaches. The incident underscores the importance of robust security measures and timely updates to protect against such vulnerabilities. Organizations relying on n8n must ensure they are running the latest version to safeguard their systems and data.
What's Next?
Organizations using n8n should prioritize updating to version 2.4.0 to mitigate the risk of exploitation. Security teams need to review their systems for any signs of compromise and ensure that all security patches are applied promptly. Additionally, n8n and similar platforms must continue to enhance their security protocols to prevent future vulnerabilities. Users should remain vigilant and monitor for any further updates or advisories from n8n regarding potential security issues.
