
Critical N8n Vulnerability (CVSS 9.9) Allows Authenticated Remote Command Execution

A severe security flaw has been uncovered in n8n, the popular open-source workflow automation platform, posing a significant risk to affected installations. The vulnerability, tracked as CVE-2025-68668 and carrying a near-maximum CVSS score of 9.9, could enable an authenticated attacker to execute arbitrary system commands on the host running n8n.

Understanding the Threat: CVE-2025-68668

Described as a “protection mechanism failure,” this vulnerability primarily affects n8n versions from 1.0.0 up to, but not including, 2.0.0. The core issue lies within the Python Code Node, specifically a “sandbox bypass vulnerability” that leverages Pyodide. An authenticated user, possessing the necessary permissions to create or modify workflows, can exploit this flaw to inject and execute arbitrary operating system commands. Crucially, these commands run with the same privileges as the n8n process itself, potentially granting an attacker extensive control over the underlying system.

The Fix: Version 2.0.0 and Enhanced Isolation

N8n has swiftly addressed this critical issue with the release of version 2.0.0. This update not only patches CVE-2025-68668 but also solidifies the platform’s security posture. Prior to this, n8n had introduced a task runner-based native Python implementation in version 1.111.0 as an optional feature, designed to provide improved security isolation. With version 2.0.0, this more secure implementation has been made the default, significantly reducing the attack surface for similar vulnerabilities.

Immediate Workarounds for Unpatched Systems

For users unable to upgrade to version 2.0.0 immediately, n8n has provided several crucial workarounds to mitigate the risk:

  • Disable the Code Node: Set the environment variable NODES_EXCLUDE='["n8n-nodes-base.code"]' to completely disable the problematic Code Node.

  • Disable Python Support: If the Code Node is essential but Python is not, disable Python support specifically by setting the environment variable N8N_PYTHON_ENABLED=false.
  • Enable Task Runner-Based Python Sandbox: Configure n8n to use the more secure task runner-based Python sandbox by setting the environment variables N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER.
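A quick exposure check for the three workarounds above, added here as an example and not part of n8n or the original advisory. It takes an n8n version string and a KEY=VALUE env file (the env-file layout and all sample values are constructed; the check assumes the two task-runner variables are set to "true"):

```shell
#!/bin/sh
# Exposure check for CVE-2025-68668: a deployment counts as mitigated when its
# version is outside 1.0.0 <= v < 2.0.0 or one vendor workaround is configured.

# 0 (true) if the major version is 1, i.e. inside the affected range.
n8n_version_affected() {
  [ "$(printf '%s' "$1" | cut -d. -f1)" = "1" ]
}

# Print the value of KEY ($2) from env file ($1) with quotes stripped; empty if unset.
env_get() {
  grep "^$2=" "$1" | head -n1 | cut -d= -f2- | tr -d "\"'"
}

# 0 (true) if at least one of the published workarounds is present in the env file.
n8n_workaround_present() {
  case "$(env_get "$1" NODES_EXCLUDE)" in
    *n8n-nodes-base.code*) return 0 ;;            # Code Node excluded entirely
  esac
  [ "$(env_get "$1" N8N_PYTHON_ENABLED)" = "false" ] && return 0   # Python off
  [ "$(env_get "$1" N8N_RUNNERS_ENABLED)" = "true" ] &&            # assumed value
    [ "$(env_get "$1" N8N_NATIVE_PYTHON_RUNNER)" = "true" ] && return 0
  return 1
}

# 0 (true) if the deployment is not exposed: patched version or workaround in place.
n8n_mitigated() {
  n8n_version_affected "$1" || return 0
  n8n_workaround_present "$2"
}

# --- constructed sample deployments (not real configurations) -----------------
workdir=$(mktemp -d)
printf 'N8N_PORT=5678\nN8N_PYTHON_ENABLED=true\n' > "$workdir/unmitigated.env"
printf "NODES_EXCLUDE='[\"n8n-nodes-base.code\"]'\n" > "$workdir/excluded.env"
printf 'N8N_RUNNERS_ENABLED=true\nN8N_NATIVE_PYTHON_RUNNER=true\n' > "$workdir/runner.env"

for f in unmitigated excluded runner; do
  if n8n_mitigated 1.111.0 "$workdir/$f.env"; then
    echo "1.111.0 + $f.env: mitigated"
  else
    echo "1.111.0 + $f.env: EXPOSED, upgrade to 2.0.0 or apply a workaround"
  fi
done
```

Point the functions at the env file your container or service unit actually loads; a variable set elsewhere (for example in a process manager) will not be seen by this file-based check.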

A Broader Security Context

This disclosure follows closely on the heels of another critical vulnerability (CVE-2025-68613, also with a CVSS score of 9.9) that n8n recently addressed. That flaw also carried the potential for arbitrary code execution under specific conditions, highlighting a period of intense focus on security within the n8n ecosystem. Users are strongly advised to review their n8n installations and apply updates or workarounds without delay to protect their systems from potential compromise.
