Sandbox Bypass Vulnerability in n8n Workflow Automation Platform
CVE-2025-68668

9.9 CRITICAL

Key Information:

Vendor: N8n-io
CVE Published: 26 December 2025

What is CVE-2025-68668?

A sandbox bypass vulnerability exists in n8n, an open-source workflow automation platform, affecting all versions from 1.0.0 to before 2.0.0. It allows authenticated users who have permission to create or modify workflows to execute arbitrary commands on the host system where n8n runs, with the same privileges as the n8n process. Users are advised to upgrade to version 2.0.0 to mitigate this risk. Temporary workarounds include disabling the Code Node by setting the NODES_EXCLUDE environment variable, and disabling Python support within the Code Node by setting the N8N_PYTHON_ENABLED environment variable. Additionally, users can switch to the task runner based Python sandbox by setting the N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER environment variables.
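The following audit helper is an added example, not code from n8n or from this advisory. It classifies a deployment by its version and by the workaround variables named above. The Code node type name `n8n-nodes-base.code`, the JSON-array form of NODES_EXCLUDE, and the `true`/`false` values are assumptions not stated on this page; confirm them against the n8n documentation.

```python
import json
import re

# Assumptions (not stated on the page): the Code node's type name and the
# values that switch each workaround on.
CODE_NODE = "n8n-nodes-base.code"

def parse_version(text):
    """Return (major, minor, patch, is_release); pre-releases sort lower."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?$", text.strip())
    if not m:
        raise ValueError(f"not a semantic version: {text!r}")
    return (int(m[1]), int(m[2]), int(m[3]), 0 if m[4] else 1)

def is_affected(version):
    """Affected range from the advisory: >= 1.0.0 and < 2.0.0."""
    return (1, 0, 0, 1) <= parse_version(version) < (2, 0, 0, 1)

def _enabled(env, name):
    return env.get(name, "").strip().lower() == "true"

def assess(version, env):
    """Classify one n8n deployment from its version and environment."""
    if not is_affected(version):
        return "not affected"
    try:
        excluded = json.loads(env.get("NODES_EXCLUDE", "[]"))
    except json.JSONDecodeError:
        excluded = []  # assumption: an unparsable value excludes nothing
    if isinstance(excluded, list) and CODE_NODE in excluded:
        return "mitigated: Code node excluded"
    if env.get("N8N_PYTHON_ENABLED", "").strip().lower() == "false":
        return "mitigated: Python disabled in Code node"
    if _enabled(env, "N8N_RUNNERS_ENABLED") and _enabled(env, "N8N_NATIVE_PYTHON_RUNNER"):
        return "mitigated: task runner Python sandbox"
    return "exposed: upgrade to 2.0.0 or apply a workaround"

# Constructed sample deployments (not taken from any real system).
SAMPLES = {
    "prod": ("1.98.2", {}),
    "staging": ("1.98.2", {"NODES_EXCLUDE": '["n8n-nodes-base.code"]'}),
    "half-set": ("1.110.0", {"N8N_RUNNERS_ENABLED": "true"}),
    "rc": ("2.0.0-rc.1", {}),
    "patched": ("2.0.0", {}),
}

if __name__ == "__main__":
    for name, (version, env) in SAMPLES.items():
        print(f"{name:9} {version:11} {assess(version, env)}")
```

Pre-release builds of 2.0.0 are treated as affected because they sort before 2.0.0 in semantic versioning; that reading of the range is an assumption.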

Affected Version(s)

n8n >= 1.0.0, < 2.0.0

CVSS V3.1

Score: 9.9
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
