Critical n8n Vulnerability Enables Authenticated Command Execution (CVE-2025-68668)
Executive Summary
In January 2026, a critical vulnerability (CVE-2025-68668) was disclosed in n8n, an open-source workflow automation platform, allowing authenticated users with workflow modification privileges to execute arbitrary system commands on the host server. The flaw, caused by a sandbox bypass in the Python Code Node (Pyodide), impacted all n8n versions from 1.0.0 up to 2.0.0. Prompted by Cyera Research Labs’ findings, the n8n team released version 2.0.0 as a fix and advised urgent security configuration changes or feature disablement as interim measures. The vulnerability poses high risks for supply-chain and SaaS environments using n8n in production, potentially enabling lateral movement or privilege escalation.
This incident underscores the continued threat from vulnerabilities in low-code/no-code and automation platforms, especially as attackers increasingly leverage authenticated access and workflow manipulation to escalate privileges. Organizations should review security settings of workflow platforms due to a growing pattern of exploitation in automation pipelines.
Why This Matters Now
The rise of workflow automation and low-code platforms like n8n in enterprise environments means vulnerabilities affecting these systems can have far-reaching impacts, especially when exploited by insider or authenticated users. As attackers target automation chains as entry points, immediate patching and secure configuration are essential to prevent privilege escalation and supply chain breaches.
Attack Path Analysis
An attacker with valid credentials or workflow permissions exploited a critical vulnerability (CVE-2025-68668) in n8n's code node to achieve remote command execution. After gaining access, the attacker leveraged their existing privileges to escalate control within the application environment. Using the exploited workflow permissions, the attacker could move laterally to other services or hosts reachable from the compromised container. The attacker established outbound Command & Control by creating network connections from the compromised host. Sensitive data was then exfiltrated through allowed outbound channels. Ultimately, the attacker’s actions led to a potential business impact, ranging from further system compromise to possible service disruption.
Kill Chain Progression
Initial Compromise
Description
Authenticated attacker leveraged workflow creation/modification permissions in vulnerable n8n instance to exploit the Python Code Node sandbox bypass (CVE-2025-68668).
Related CVEs
CVE-2025-68668
CVSS 9.9A sandbox bypass vulnerability in n8n's Python Code Node allows authenticated users to execute arbitrary system commands on the host.
Affected Products:
n8n n8n – 1.0.0 up to, but not including, 2.0.0
Exploit Status:
proof of conceptCVE-2025-68613
CVSS 9.9A remote code execution vulnerability in n8n's workflow expression evaluation system allows authenticated users to execute arbitrary code.
Affected Products:
n8n n8n – 0.211.0 up to, but not including, 1.120.4, 1.121.0 up to, but not including, 1.121.1, 1.122.0 up to, but not including, 1.122.1
Exploit Status:
proof of conceptCVE-2025-62726
CVSS 8.8A remote code execution vulnerability in n8n's Git Node component allows attackers to execute arbitrary code via malicious pre-commit hooks.
Affected Products:
n8n n8n – All versions before 1.113.0
Exploit Status:
proof of concept
MITRE ATT&CK® Techniques
Indirect Command Execution
Command and Scripting Interpreter: Python
Exploitation for Privilege Escalation
Exploit Public-Facing Application
Valid Accounts
Impair Defenses
Exploitation for Defense Evasion
Potential Compliance Exposure
Mapping incident impact across multiple compliance frameworks.
PCI DSS 4.0 – Protection of System Components from Exploitable Vulnerabilities
Control ID: 6.4.1
NYDFS 23 NYCRR 500 – Cybersecurity Policy
Control ID: 500.03
DORA – ICT Risk Management Framework
Control ID: Art. 9(2)
CISA ZTMM 2.0 – Implement secure application design and runtime controls
Control ID: Application Workload: Threat Protection
NIS2 Directive – Supply Chain Security – Vulnerability Handling
Control ID: Article 21(2)(d)
Sector Implications
Industry-specific impact of the vulnerabilities, including operational, regulatory, and cloud security risks.
Computer Software/Engineering
Critical n8n workflow automation vulnerability enables authenticated command execution, threatening CI/CD pipelines and development environments with system compromise risks.
Information Technology/IT
N8scape vulnerability in workflow platforms creates severe risks for IT operations, automation systems, and infrastructure management requiring immediate patching.
Financial Services
Workflow automation vulnerabilities threaten trading systems, compliance processes, and financial data pipelines with potential regulatory violations and operational disruption.
Health Care / Life Sciences
Critical automation platform flaws risk patient data systems, clinical workflows, and HIPAA compliance through arbitrary command execution capabilities.
Sources
- New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commandshttps://thehackernews.com/2026/01/new-n8n-vulnerability-99-cvss-lets.htmlVerified
- Security Advisory: Security Vulnerability in n8n Versions 1.65-1.120.4https://blog.n8n.io/security-advisory-20260108/Verified
- CVE-2025-68668 - Critical Vulnerability - TheHackerWirehttps://www.thehackerwire.com/vulnerability/CVE-2025-68668/Verified
- CVE-2025-68668 | INCIBEhttps://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2025-68668Verified
Frequently Asked Questions
Cloud Native Security Fabric Mitigations and ControlsCNSF
Zero Trust controls like microsegmentation, egress policy enforcement, and workload-to-workload isolation would have constrained attacker movement, detected anomalous behaviors, and prevented exfiltration post-exploit. Layered CNSF capabilities ensure that even if application vulnerabilities are exploited, lateral movement and data theft risks are minimized.
Control: Multicloud Visibility & Control
Mitigation: Abnormal workflow creation or privilege misuse could be rapidly detected and alerted.
Control: Zero Trust Segmentation
Mitigation: Escalation beyond intended privilege sets would be blocked by strict network and identity-based segmentation.
Control: East-West Traffic Security
Mitigation: Lateral movement to other workloads or environments would be prevented.
Control: Egress Security & Policy Enforcement
Mitigation: Suspicious outbound connections would be blocked or flagged in real-time.
Control: Cloud Firewall (ACF)
Mitigation: Unauthorized data exfiltration flows would be detected and prevented.
Anomalous workflow or infrastructure changes would trigger automated incident response.
Impact at a Glance
Affected Business Functions
- Workflow Automation
- Data Processing
- System Integration
Estimated downtime: 3 days
Estimated loss: $50,000
Potential exposure of sensitive workflow data and system credentials due to unauthorized command execution.
Recommended Actions
Key Takeaways & Next Steps
- • Enforce zero trust segmentation for application workloads to minimize impact of exploited vulnerabilities.
- • Implement strict egress filtering policies to block unauthorized outbound connections and potential C2 activity.
- • Activate centralized visibility and anomaly detection to promptly identify workflow abuse or privilege misuse.
- • Regularly audit and update access privileges for all automation platforms and sensitive cloud services.
- • Ensure all application nodes and cloud workloads operate within the principle of least privilege and limited network scopes.
