Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.
Tracked as CVE-2026-1470 and CVE-2026-0863, the vulnerabilities were discovered and reported by researchers at DevSecOps firm JFrog.
Despite requiring authentication, CVE-2026-1470 received a critical severity score of 9.9 out of 10. JFrog explained that the critical rating is due to arbitrary code execution occurring on n8n's main node, which allows full control over the n8n instance.
n8n is an open-source workflow automation platform that lets users link applications, APIs, and services into complex processes using a visual editor.
With more than 200,000 weekly downloads on npm, the library is used for task automation and supports integrations with AI and large language model (LLM) services.
The two vulnerabilities discovered by JFrog can be summarized as follows:
- CVE-2026-1470 – An AST sandbox escape caused by improper handling of the JavaScript with statement, which allows a standalone constructor identifier to bypass sanitization and resolve to Function, enabling arbitrary JavaScript execution and resulting in full RCE on the main n8n node.
- CVE-2026-0863 – A Python AST sandbox escape that combines format-string-based object introspection with the Python 3.10+ AttributeError.obj behavior to regain access to restricted builtins and imports, allowing execution of OS commands and full RCE when Python runs as a subprocess on the main n8n node.
“These vulnerabilities highlight how difficult it is to securely sandbox dynamic, high-level languages such as JavaScript and Python,” JFrog explains.
“Even with multiple validation layers, deny lists, and AST-based controls in place, subtle language features and runtime behaviors can be leveraged to bypass security assumptions,” the researchers say.
Exploiting CVE-2026-1470 requires authentication because permissions to create or modify a workflow are needed to escape the sandbox and execute commands on the host.
The flaw is still rated critical since non-admin users, assumed to be safely contained in most deployments, can exploit it to pivot to infrastructure-level control.
CVE-2026-1470 was fixed in versions 1.123.17, 2.4.5, and 2.5.1, while CVE-2026-0863 was addressed in n8n versions 1.123.14, 2.3.5, and 2.4.2. Users are recommended to upgrade to the latest versions as soon as possible.
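For defenders inventorying self-hosted n8n deployments, the following triage helper (an added example, not code from JFrog or the n8n project) checks a reported version string against the fixed releases named above. It assumes that a release line newer than every fixed line of its major (or a newer major) carries the fix forward, and that a line for which no fix is named is reported as unknown rather than assumed safe.

```python
# Added triage helper (not from JFrog or n8n): compares an n8n version string
# against the fixed releases reported in the article for each CVE.
from typing import Dict, Optional, Tuple

# Fixed releases as reported in the article, per CVE.
FIXED_VERSIONS: Dict[str, Tuple[str, ...]] = {
    "CVE-2026-1470": ("1.123.17", "2.4.5", "2.5.1"),
    "CVE-2026-0863": ("1.123.14", "2.3.5", "2.4.2"),
}


def parse_version(version: str) -> Tuple[int, int, int]:
    """Parse 'MAJOR.MINOR.PATCH'; a leading 'v' and any '-suffix' are dropped."""
    core = version.strip().lstrip("v").split("-")[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised n8n version string: {version!r}")
    major, minor, patch = (int(p) for p in parts)
    return major, minor, patch


def is_patched(version: str, cve: str) -> Optional[bool]:
    """True if the version includes the fix, False if it sits below the fix on
    its own release line, None if the article names no fix for that line
    (assumption: treat None as unpatched until confirmed)."""
    major, minor, patch = parse_version(version)
    fixes = {(fm, fn): fp for fm, fn, fp in map(parse_version, FIXED_VERSIONS[cve])}
    if (major, minor) in fixes:  # same release line: compare patch level
        return patch >= fixes[(major, minor)]
    same_major = [line for line in fixes if line[0] == major]
    # Assumption: a line newer than every fixed line of its major, or a newer
    # major altogether, was current when the fix shipped and carries it forward.
    if same_major and (major, minor) > max(same_major):
        return True
    if not same_major and major > max(line[0] for line in fixes):
        return True
    return None


def assess(version: str) -> Dict[str, Optional[bool]]:
    """Patch status of one n8n version for both CVEs named in the article."""
    return {cve: is_patched(version, cve) for cve in FIXED_VERSIONS}


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    for reported in ("1.123.16", "2.3.5", "2.4.2", "2.4.5", "2.5.1"):
        print(reported, assess(reported))
```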
It should be noted that the n8n cloud platform has addressed the issues, and only self-hosted versions running a vulnerable release are affected.
Researcher Rhoda Good, who explained CVE-2026-0863 in a technical blog post, promised to add a proof-of-concept exploit to the write-up, which could prompt attackers to hunt for and target self-hosted n8n deployments.
The n8n platform has gained more attention recently, as security researchers reported critical flaws. Earlier this month, the max-severity flaw “Ni8mare” was disclosed, which allows remote, unauthenticated attackers to take control of local n8n instances.
A week later, scans showed that 60,000 instances remained at risk. As of January 27, this number has fallen to 39,900 exposed instances, indicating a very slow patching rate among the platform's users.
