Authenticated User Exploitation in n8n Workflow Automation by Open Source Vendor

CVE-2026-27494

What is CVE-2026-27494?

The n8n workflow automation platform has a vulnerability that allows authenticated users with the ability to create or modify workflows to escape the Python node sandbox. This flaw permits attackers to access certain built-in Python objects, enabling them to exfiltrate sensitive file contents or execute arbitrary code remotely. Particularly on installations utilizing internal Task Runners, this could lead to a complete compromise of the n8n host. Even on setups using external Task Runners, the ramifications may include unauthorized access to other tasks processed by the runner. The vulnerability has been corrected in n8n versions 2.10.1, 2.9.3, and 1.123.22. Users are encouraged to upgrade their systems to these versions or beyond for effective remediation. For temporary mitigations, it is advisable to restrict workflow creation and editing permissions to trusted individuals or disable the Code node via the NODES_EXCLUDE setting. However, these measures do not provide full protection and should only be employed as stopgap solutions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References