@comdak

in /hacking 15 days ago

Critical n8n flaws disclosed along with public exploits

www.bleepingcomputer.com

TLDR

Multiple critical vulnerabilities in the n8n open-source workflow automation platform have been disclosed, allowing attackers to perform unrestricted remote code execution on the server. The vulnerabilities, tracked as CVE-2026-25049, can be exploited by authenticated users to escape the environment and gain complete control of the host server. Researchers found that the sanitization mechanism in n8n is insufficient and that the patch for CVE-2025-68613, another critical flaw, can be bypassed. Exploitation enables attackers to run arbitrary commands, steal credentials, and access internal systems. Users are advised to update to the latest version of n8n and review their workflows for suspicious expressions.

Score: 9

1 Comment