Sandbox Bypass Vulnerability in n8n Workflow Automation Platform
CVE-2025-68668

9.9CRITICAL

Key Information:

Vendor

N8n-io

Status
N8n
Vendor
CVE Published:
26 December 2025

Badges

πŸ“ˆ TrendedπŸ“ˆ Score: 2,850πŸ‘Ύ Exploit ExistsπŸ“° News Worthy

What is CVE-2025-68668?

CVE-2025-68668 is a vulnerability found in the n8n workflow automation platform, an open-source tool designed to help users automate various workflows and integrate different services efficiently. This specific vulnerability is categorized as a sandbox bypass in the Python Code Node that utilizes Pyodide. The affected versions range from 1.0.0 to before 2.0.0. Because of this vulnerability, an authenticated user with permissions to create or modify workflows has the potential to exploit this issue to execute arbitrary commands on the host system where n8n is running. The implications of this vulnerability are significant, as it allows attackers to operate with the same privileges as the n8n process, which can lead to the full compromise of the system. This can disrupt operations and expose sensitive data, thereby posing a major risk to organizations using this platform.

Potential impact of CVE-2025-68668

  1. Remote Code Execution: The vulnerability allows an attacker to execute arbitrary commands on the host system, which can lead to complete control over the affected environment. This level of access can be detrimental to an organization, enabling data manipulation, exfiltration, or even the installation of persistent malware.

  2. Privilege Escalation: Since the attack is executed using the same privileges as the n8n process, it provides a means for an attacker to escalate privileges within the system. This can heighten the severity of data breaches and system failures, as compromised accounts may have access to sensitive resources.

  3. Operational Disruption: Organizations that rely on n8n for workflow automation may experience significant operational disruptions as a result of this vulnerability. Exploitation could halt critical processes, lead to data loss, and necessitate emergency responses, affecting overall productivity and trust in the automated systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

n8n >= 1.0.0, < 2.0.0

News Articles

favicon imagegbhackers.com

New n8n Vulnerability Allows Attackers to Execute Arbitrary Commands

A critical vulnerability has been discovered in n8n, that could allow authenticated users to execute arbitrary commands on vulnerable systems.

favicon imagegbhackers.com

New n8n Vulnerability Allows Attackers to Execute Arbitrary Commands

A critical vulnerability has been discovered in n8n, that could allow authenticated users to execute arbitrary commands on vulnerable systems.

favicon imageCybersecurityNews

New Critical n8n Vulnerability Allow Attackers to Execute Arbitrary Commands

A critical vulnerability has been discovered in n8n, the popular open-source workflow automation platform, enabling authenticated attackers to execute arbitrary commands on host systems.

References

https://github.com/n8n-io/n8n/security/advisories/GHSA-62...
x_refsource_CONFIRM

CVSS V3.1

Score:
9.9
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • πŸ“ˆ

    Vulnerability started trending

  • πŸ‘Ύ

    Exploit known to exist

  • πŸ“°

    First article discovered by The Hacker News

  • Vulnerability published

  • Vulnerability Reserved

JSON
.