Main Vulnerability Database SB2026020960

SB2026020960 - Remote code execution in n8n expression evaluation

Published: February 9, 2026

Security Bulletin ID SB2026020960

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper Control of Dynamically-Managed Code Resources (CVE-ID: CVE-2026-25049)

The vulnerability allows a remote user to compromise the affected system.

The vulnerability exists due to an incomplete fix in the expression evaluation for #VU120269 (CVE-2025-68613). A remote user with permission to create or modify workflows could abuse crafted expressions in workflow parameters to trigger unintended system command execution on the host running n8n.

Remediation

Install update from vendor's website.

References

https://github.com/n8n-io/n8n/security/advisories/GHSA-6cqr-8cfr-67f8