Remote Code Execution Vulnerability in n8n Workflow Evaluation System

CVE-2026-1470

What is CVE-2026-1470?

CVE-2026-1470 is a critical vulnerability found in the n8n workflow evaluation system, which is an open-source platform designed for automating tasks and workflows using a visual interface. This vulnerability specifically resides within the Expression evaluation system, where expressions inputted by authenticated users during workflow setup can be executed in a manner that lacks sufficient isolation from the underlying system runtime. As a result, this flaw allows an authenticated attacker to execute arbitrary code within the context of the n8n process, potentially leading to a full compromise of the affected instance. This means that attackers could gain unauthorized access to sensitive information, manipulate existing workflows, and carry out operations that could severely disrupt organizational processes or lead to data breaches.

Potential impact of CVE-2026-1470

1. Unauthorized Access to Sensitive Data: Exploiting this vulnerability may grant attackers access to confidential data managed by the n8n instance, risking the exposure of sensitive organizational or customer information.

2. Workflow Manipulation: Attackers could alter existing workflows to suit their malicious purposes, potentially disrupting normal operations and introducing harmful processes within the organization’s automation tasks.

3. System-Level Operations Execution: With the ability to execute arbitrary code, attackers could perform system-level operations, which may compromise the integrity of the entire system, leading to widespread outages, data loss, and degradation of trust in the organization’s IT services.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References