CVE-2026-25049 Overview
CVE-2026-25049 is a critical command injection vulnerability discovered in n8n, an open source workflow automation platform. Prior to versions 1.123.17 and 2.5.2, an authenticated user with permission to create or modify workflows could abuse crafted expressions in workflow parameters to trigger unintended system command execution on the host running n8n. This vulnerability allows attackers to execute arbitrary commands on the underlying server, potentially leading to complete system compromise.
Critical Impact
Authenticated attackers can achieve remote code execution on n8n servers through malicious workflow expressions, enabling full system compromise and lateral movement within affected infrastructure.
Affected Products
- n8n versions prior to 1.123.17 (1.x branch)
- n8n versions prior to 2.5.2 (2.x branch)
- n8n installations on Node.js environments
Discovery Timeline
- 2026-02-04 - CVE-2026-25049 published to NVD
- 2026-02-05 - Last updated in NVD database
Technical Details for CVE-2026-25049
Vulnerability Analysis
This vulnerability falls under CWE-913 (Improper Control of Dynamically-Managed Code Resources). The flaw exists in n8n's expression evaluation mechanism used within workflow parameters. When users create or modify workflows, n8n processes expressions embedded in workflow configurations. The vulnerability arises because these expressions are not properly sanitized before being evaluated, allowing attackers to inject malicious code that escapes the intended expression context and executes system commands.
The network-accessible nature of n8n combined with the low attack complexity makes this vulnerability particularly dangerous. An authenticated attacker with workflow creation or modification privileges can craft expressions that bypass intended security boundaries, achieving arbitrary command execution on the underlying host system. The impact extends beyond the n8n application itself, potentially affecting other services and data on the same host or connected network segments.
Root Cause
The root cause of CVE-2026-25049 lies in improper control of dynamically-managed code resources within n8n's expression evaluation engine. The application fails to adequately restrict the capabilities available within workflow expressions, allowing users to craft inputs that break out of the intended expression sandbox. This insufficient isolation between user-controlled expression content and system-level execution contexts enables command injection through carefully constructed workflow parameters.
Attack Vector
The attack vector for CVE-2026-25049 is network-based, requiring authentication but no user interaction. An attacker must first obtain valid credentials or access to an n8n account with workflow creation or modification permissions. Once authenticated, the attacker crafts malicious expressions within workflow parameters that, when processed by the n8n engine, execute arbitrary system commands on the host server.
The exploitation process involves:
- Authenticating to the n8n platform with appropriate permissions
- Creating or modifying a workflow with specially crafted expression parameters
- Triggering workflow execution to process the malicious expressions
- Achieving command execution on the underlying host system
Due to the sensitive nature of this vulnerability, specific exploitation code is not provided. For technical details, refer to the GitHub Security Advisory GHSA-6cqr-8cfr-67f8.
Detection Methods for CVE-2026-25049
Indicators of Compromise
- Unusual workflow creation or modification patterns by authenticated users
- Unexpected child processes spawned from the n8n application process
- Anomalous system command executions originating from the n8n service account
- Suspicious outbound network connections from the n8n server
Detection Strategies
- Monitor workflow audit logs for expressions containing shell metacharacters or command injection patterns
- Implement behavioral analysis to detect unusual process execution chains from the n8n process
- Deploy endpoint detection and response (EDR) solutions to identify malicious command execution
- Review n8n access logs for unusual authentication patterns preceding workflow modifications
Monitoring Recommendations
- Enable comprehensive logging for all workflow creation and modification events
- Configure alerting for any command execution originating from the n8n process context
- Implement network traffic monitoring for unexpected outbound connections from n8n servers
- Establish baseline process behavior for n8n and alert on deviations
How to Mitigate CVE-2026-25049
Immediate Actions Required
- Upgrade n8n to version 1.123.17 or later for 1.x installations
- Upgrade n8n to version 2.5.2 or later for 2.x installations
- Review workflow creation and modification permissions, limiting access to trusted users only
- Audit existing workflows for suspicious expression patterns
Patch Information
n8n has released security patches addressing this vulnerability in versions 1.123.17 and 2.5.2. The fixes implement proper sanitization and restriction of expression evaluation capabilities to prevent command injection through workflow parameters.
Patch commits are available for review:
Workarounds
- Restrict workflow creation and modification permissions to only essential, trusted users
- Implement network segmentation to isolate n8n servers from critical infrastructure
- Deploy application-level firewalls to monitor and filter suspicious workflow operations
- Run n8n with minimal system privileges to limit the impact of successful exploitation
# Example: Restrict n8n service permissions
# Run n8n under a dedicated service account with minimal privileges
useradd -r -s /bin/false n8n-service
chown -R n8n-service:n8n-service /opt/n8n
# Ensure the service cannot access sensitive system resources
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
