A new and highly critical security vulnerability has been found in n8n, a popular open-source workflow automation platform. The flaw has been assigned a CVSS score of 9.9, indicating extremely high risk. Security researchers confirm the issue is real and serious. It affects how n8n handles certain workflow execution features.
n8n is widely used to automate tasks between applications, services, and internal systems. Because of this, it often has access to sensitive data and credentials. Any weakness in such a platform can have a large impact. This vulnerability increases the risk of server-level compromise.
The issue exists in the Python Code Node feature used within workflows. This node allows users to run Python code as part of automation logic. Due to weak isolation and security checks, the feature can be abused. An authenticated user can escape restrictions and execute system commands.
In simple terms, a logged-in user with workflow editing rights can run commands directly on the server. This does not require full administrative privileges. Once exploited, attackers could read files, change system settings, or install malicious tools. The level of damage depends on how n8n is deployed.
The vulnerability affects n8n versions starting from 1.0.0 up to, but not including, version 2.0.0. Many organizations still run these versions in self-hosted environments. Systems that allow multiple users to create or modify workflows face higher risk. Delayed upgrades increase exposure.
Although authentication is required, experts say the risk remains critical. Attackers often gain valid access through phishing, leaked credentials, or reused passwords. Once inside, this flaw allows privilege escalation. That makes even limited user accounts dangerous.
This issue is especially concerning because n8n often connects to core business systems. A compromised instance could expose API keys, access connected services, or alter automation flows. It could also be used to move deeper into internal networks. The potential impact goes beyond n8n itself.
The problem has been fixed in n8n version 2.0.0 with stronger security controls. Users are strongly advised to upgrade immediately. If upgrading is not possible, access to workflow editing should be restricted. This vulnerability shows why automation platforms must be treated as critical infrastructure.
Stay alert, and keep your security measures updated!
Source: Follow cybersecurity88 on X and LinkedIn for the latest cybersecurity news
