Popular n8n Platform Hit by Triple Threat of RCE Flaws: CVE-2026-25049 (CVSS 9.3), CVE-2026-25056, and CVE-2026-25053
Key Takeaways:
- The n8n platform is vulnerable to three critical security flaws enabling Remote Code Execution (RCE).
- CVE-2026-25049 is the most severe, carrying a CVSS score of 9.3 due to a sandbox escape.
- Vulnerabilities target the Git node, Merge node, and expression evaluation engine.
- Immediate updates to versions 2.5.0/1.123.10 or 2.4.0/1.118.0 are required depending on the flaw.
The n8n workflow automation platform, frequently utilized by technical teams for its “fair-code” flexibility and integrated AI capabilities, has been identified as vulnerable to a cluster of critical security flaws. These vulnerabilities, identified as CVE-2026-25056, CVE-2026-25049, and CVE-2026-25053, allow authenticated attackers to achieve remote code execution (RCE) on the host server. The discovery of this triple threat of RCE flaws indicates a significant risk for organizations that rely on this tool for orchestrating sensitive data and infrastructure tasks.
With CVSS scores reaching 9.3 for CVE-2026-25049, the vulnerabilities target the platform’s core functional components: the Git node, the Merge node, and the expression evaluation engine. These tools, designed to execute complex logic and manage code repositories, become primary attack vectors when logic flaws allow users to bypass intended restrictions.
Technical Analysis of CVE-2026-25053: Git Node Command Injection
The vulnerability identified as CVE-2026-25053 centers on the n8n Git node. This component is used by developers and DevOps engineers to automate repository management, such as pulling code updates or committing changes as part of a larger workflow.
The flaw exists because the Git node fails to properly sanitize user-supplied input before passing it to system-level commands. Research indicates that an authenticated user who possesses permissions to create or modify workflows can exploit this lack of sanitization to execute arbitrary system commands. This allows the attacker to break out of the n8n application environment and interact directly with the host operating system.
Beyond command execution, the vulnerability also facilitates unauthorized file reading. An attacker can use the Git node to access configuration files, environment variables, or other sensitive data stored on the host server. To address this, users must upgrade to versions 2.5.0 or 1.123.10. Organizations should also monitor their logs, for example through a cyber threat intelligence platform, for exploitation attempts that target these Git node parameters.
Technical Analysis of CVE-2026-25056: Arbitrary File Write via Merge Node
The second vulnerability, CVE-2026-25056, targets the Merge node, specifically when configured in “SQL Query” mode. The Merge node is designed to combine data from multiple sources, and the SQL Query mode allows users to perform operations on that data using SQL-like syntax.
This vulnerability allows an authenticated user with workflow modification rights to write files to any location on the n8n server’s filesystem. By leveraging the SQL Query mode, an attacker can craft a request that outputs data to a specific file path. This capability is a precursor to full remote code execution.
Once a file is written to the filesystem, the attacker can execute code with the same privileges as the n8n process. This progression from “file write” to “code execution” often happens without triggering standard security alerts if the organization lacks advanced detection capabilities such as PurpleOps Solutions.
This flaw has been remediated in versions 2.4.0 and 1.118.0.
Technical Analysis of CVE-2026-25049 (CVSS 9.3): Expression Evaluation Bypass
CVE-2026-25049 is the most severe of the three identified flaws. This vulnerability involves the expression evaluation engine, a fundamental part of the n8n architecture that allows users to write dynamic JavaScript-like expressions to manipulate data between nodes.
The expression engine is intended to run within a restricted environment (a sandbox) to prevent users from executing dangerous code on the host. However, researchers identified flaws in how these expressions are parsed and executed. An authenticated user can bypass the sandbox restrictions by using specially crafted expressions.
Because n8n often runs with significant permissions, a sandbox escape leads directly to full host takeover. This type of vulnerability is a priority for actors who utilize a live ransomware API to automate the deployment of malicious payloads once an entry point is established. The complexity of expression-based attacks makes them difficult to detect with traditional signature-based firewalls.
Strategic Risk and Third-Party Dependencies
The “triple threat” in n8n highlights a broader issue in supply-chain risk monitoring. Automation tools like n8n are often integrated deeply into a company’s infrastructure, connecting to databases, cloud providers, and communication tools. If the automation platform is compromised, the attacker gains a foothold into every connected service.
Threat actors frequently monitor for such vulnerabilities using underground forum intelligence. Organizations that do not actively engage in telegram threat monitoring or use a dark web monitoring service may be unaware that their specific software stack is being targeted. Furthermore, because exploiting these CVEs requires “authenticated access”, leaked credentials become the likely entry point, which underscores the necessity of brand leak alerting.
Mitigating the n8n Vulnerabilities
The primary recommendation for all n8n administrators is to apply the official patches immediately:
- For CVE-2026-25053 (Git Node): Update n8n to version 2.5.0 or 1.123.10.
- For CVE-2026-25056 (Merge Node): Update n8n to version 2.4.0 or 1.118.0.
- For CVE-2026-25049 (Expression Engine): Ensure the latest security patches are applied to the platform’s core engine.
If immediate patching is not feasible, consider these temporary measures:
- Restrict Permissions: Limit workflow creation to a small group of highly trusted administrators.
- Node Restriction: Disable the Git or Merge nodes if they are not essential.
- Network Segmentation: Ensure the n8n host is located in a segmented network zone.
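To make the version guidance above checkable, here is an added example (not code from the article or from the n8n project) that compares an installed n8n version against the fix versions quoted in this advisory. The split into a 1.x and a 2.x release line is an assumption of this example; CVE-2026-25049 is omitted because the article gives no fixed version for it.

```python
"""Check an installed n8n version against the fix versions in this advisory.
Fix versions are taken from the article; the 1.x/2.x release-line logic is an
assumption of this example, since the advisory quotes one fix per line."""

# Fixed versions per CVE as (2.x line, 1.x line), as stated in the article.
# CVE-2026-25049 is not listed: the article gives no fixed version for it.
FIXED_VERSIONS = {
    "CVE-2026-25053": ("2.5.0", "1.123.10"),  # Git node command injection
    "CVE-2026-25056": ("2.4.0", "1.118.0"),   # Merge node arbitrary file write
}


def parse_version(version: str) -> tuple[int, ...]:
    """Turn 'v1.123.10' or '2.5.0-rc.1' into a comparable tuple of ints."""
    core = version.lstrip("v").split("-", 1)[0]
    return tuple(int(part) for part in core.split("."))


def is_fixed(installed: str, cve: str) -> bool:
    """True when `installed` is at or above the fix version on its own
    release line. Anything older than the 1.x line is treated as unfixed."""
    ver = parse_version(installed)
    fixed_2x, fixed_1x = FIXED_VERSIONS[cve]
    if ver[0] >= 2:
        return ver >= parse_version(fixed_2x)
    if ver[0] == 1:
        return ver >= parse_version(fixed_1x)
    return False


def audit(installed: str) -> dict[str, bool]:
    """Map each CVE in the table to whether `installed` carries its fix."""
    return {cve: is_fixed(installed, cve) for cve in FIXED_VERSIONS}


if __name__ == "__main__":
    for v in ("1.118.0", "1.120.0", "1.123.10", "2.4.3", "2.5.0"):
        print(v, audit(v))
```

Note that a 1.x build at 1.118.0 carries the Merge node fix but not the Git node fix, so both lines must be checked independently.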
PurpleOps: Addressing Automation Risks
PurpleOps provides the technical expertise and toolsets required to identify and mitigate vulnerabilities within automation platforms like n8n. Our cyber threat intelligence services provide organizations with the data needed to understand the current threat landscape.
Through our dark web monitoring and underground forum intelligence capabilities, PurpleOps can identify if your organization’s assets are being discussed by threat actors. For organizations concerned about automated workflows, PurpleOps offers specialized services.
Furthermore, our focus on supply-chain information security ensures that third-party tools do not become the weakest link. To prevent full-scale encryption events, our protect ransomware services focus on identifying early attack stages using real-time ransomware intelligence.
Practical Takeaways for Technical Teams
- Audit Permissions: Immediately review the user list and revoke “Editor” or “Admin” roles where not strictly necessary.
- Log Analysis: Configure your SIEM to flag unexpected child processes (for example, shells started via `child_process.exec`) spawned by the Node.js process running n8n.
- Environment Isolation: Run n8n within a containerized environment (like Docker) with the lowest possible filesystem privileges.
- API Security: Rotate API keys regularly and use brand leak alerting to detect exposed credentials.
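As an added example of the log-analysis item above (not code from the article, from n8n, or from any particular SIEM), the following detection runs over constructed process-creation events and flags shell interpreters whose parent is the n8n Node.js process, the footprint one would expect from the Git node command injection described earlier. The JSON event schema and the sample lines are constructed for this example.

```python
"""Flag shell interpreters spawned by the n8n Node.js process.
Added example: the event schema (pid, ppid, comm, cmdline) and the sample
lines below are constructed, not n8n's own logs or any vendor's EDR format."""
import json

# Interpreters that the Git or Merge nodes have no reason to start.
SHELLS = {"sh", "bash", "dash", "zsh", "ash"}

# Constructed sample events: one JSON object per process start.
SAMPLE_EVENTS = """\
{"pid": 2001, "ppid": 1, "comm": "node", "cmdline": "node /usr/local/bin/n8n"}
{"pid": 2042, "ppid": 2001, "comm": "git", "cmdline": "git pull origin main"}
{"pid": 2043, "ppid": 2001, "comm": "sh", "cmdline": "sh -c id"}
{"pid": 2050, "ppid": 1, "comm": "sh", "cmdline": "sh /etc/cron.hourly/job"}
{"pid": 2051, "ppid": 2043, "comm": "id", "cmdline": "id"}
"""


def parse_events(log_text: str) -> list[dict]:
    """Parse newline-delimited JSON events, skipping blank lines."""
    return [json.loads(line) for line in log_text.splitlines() if line.strip()]


def find_n8n_pids(events: list[dict]) -> set[int]:
    """PIDs of node processes whose command line runs the n8n entry point."""
    return {e["pid"] for e in events
            if e["comm"] == "node" and "n8n" in e["cmdline"]}


def suspicious_children(log_text: str) -> list[dict]:
    """Events for shell interpreters whose direct parent is an n8n process.
    A git child is expected from the Git node and is not reported; a shell
    started directly by n8n is not, and is returned for alerting."""
    events = parse_events(log_text)
    n8n_pids = find_n8n_pids(events)
    return [e for e in events
            if e["ppid"] in n8n_pids and e["comm"] in SHELLS]


if __name__ == "__main__":
    for hit in suspicious_children(SAMPLE_EVENTS):
        print(f"ALERT pid={hit['pid']} shell spawned by n8n: {hit['cmdline']}")
```

If the Execute Command node is in legitimate use on the instance, this rule will also fire on its runs and needs an allow-list for those workflows.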
Practical Takeaways for Business Leaders
- Prioritize Patching: Treat CVE-2026-25049 as an emergency update due to its 9.3 CVSS score.
- Vendor Risk Assessment: Evaluate the sandbox capabilities of “low-code” or “no-code” platforms before adoption.
- Invest in Intelligence: Shift resources toward defending vectors identified through real-time ransomware intelligence.
- Incident Response Planning: Include scenarios for automation hub compromise in your IR plan, including credential rotation for all connected services.
Frequently Asked Questions
Which n8n versions are vulnerable to these RCE flaws?
Affected versions vary by flaw; fixes are available in versions 2.5.0/1.123.10 for the Git node and 2.4.0/1.118.0 for the Merge node.
What makes CVE-2026-25049 so critical?
It carries a CVSS 9.3 score because it allows an attacker to bypass the JavaScript sandbox, leading to a full host takeover of the server running n8n.
Are these vulnerabilities exploitable without a password?
No, these exploits typically require an authenticated user account with permissions to create or modify workflows.
How can PurpleOps help secure my n8n instance?
PurpleOps offers penetration testing, dark web monitoring, and supply chain security audits to identify and mitigate risks in automation hubs.
For more information on how to secure your automation infrastructure, visit our platform and PurpleOps Solutions pages.