A brand new crucial security vulnerability has been disclosed in n8n, an open-source workflow automation platform, that would allow an authenticated attacker to execute arbitrary system instructions on the underlying host.
The vulnerability, tracked as CVE-2025-68668, is rated 9.9 on the CVSS scoring system. It has been described as a case of a safety mechanism failure.
It impacts n8n variations from 1.0.0 as much as, however not together with, 2.0.0, and permits an authenticated consumer with permission to create or modify workflows to execute arbitrary working system instructions on the host working n8n. The difficulty has been addressed in model 2.0.0.
“A sandbox bypass vulnerability exists within the Python Code Node that makes use of Pyodide,” an advisory for the flaw states. “An authenticated consumer with permission to create or modify workflows can exploit this vulnerability to execute arbitrary instructions on the host system working n8n, utilizing the identical privileges because the n8n course of.”
N8n stated it had launched activity runner-based native Python implementation in model 1.111.0 as an non-compulsory characteristic for improved security isolation. The characteristic might be enabled by configuring the N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER atmosphere variables. With the discharge of model 2.0.0, the implementation has been made the default.
As workarounds, n8n is recommending that customers comply with the outlined steps beneath –
- Disable the Code Node by setting the atmosphere variable NODES_EXCLUDE: “[“n8n-nodes-base.code”]”
- Disable Python help within the Code node by setting the atmosphere variable N8N_PYTHON_ENABLED=false
- Configure n8n to make use of the duty runner-based Python sandbox by way of the N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER atmosphere variables
The disclosure comes as n8n addressed one other crucial vulnerability (CVE-2025-68613, CVSS rating: 9.9) that would lead to arbitrary code execution below sure circumstances.
