Exposure of Sensitive System Information to an Unauthorized Control Sphere in n8n - CVE-2026-27494

Published: April 30, 2026


Vulnerability identifier: #VU128727
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-27494
CWE-ID: CWE-497
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: n8n
Affected software:
n8n

Detailed vulnerability description

The vulnerability allows a remote authenticated user (one with permission to create or edit workflows, matching the PR:L in the CVSS vector) to execute arbitrary code on the Task Runner or disclose sensitive information.

The vulnerability exists due to insufficient restriction of built-in Python objects in the Python Code node sandbox when executing Python code in a workflow: code that is supposed to be confined to a reduced set of builtins can reach interpreter internals that the sandbox did not lock down. A remote user who can create or modify a workflow containing crafted Python code can therefore execute arbitrary code or disclose sensitive information from the process that runs the node.

Task Runners must be enabled for exploitation. On instances using internal Task Runners (the runner executes inside the main n8n process), exploitation could result in full compromise of the n8n host, including its credentials store. On instances using external Task Runners (the runner is a separate process or container), exploitation is confined to that runner but might affect other tasks executed on it.
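As a practitioner check, an added example (not code from n8n or from this advisory): a script that audits exported n8n workflow JSON for Python Code nodes whose code reaches for interpreter internals or OS-level modules, which is the kind of content an attacker with workflow-edit rights would plant. The node type suffix `.code`, the `parameters.language` and `parameters.pythonCode` field names, and the sample export are assumptions constructed here; adjust them to match the export format of your n8n version.

```python
"""Audit exported n8n workflow JSON for suspicious Python Code nodes.

Added example, not n8n's own code. The field layout (nodes[].type ending in
".code", parameters.language, parameters.pythonCode) is an assumption about
the exported-workflow format; verify it against a real export first.
"""
import json
import re

# Heuristic patterns a workflow's Python snippet has little reason to use.
# They target the classic ways restricted-builtins sandboxes get escaped
# (dunder walks to object subclasses, __import__, exec/eval, OS modules).
RISKY_PATTERNS = {
    "dunder_access": re.compile(
        r"__(?:class|base|bases|mro|subclasses|globals|builtins|import|loader|spec)__"
    ),
    "builtin_import": re.compile(r"\b__import__\s*\("),
    "exec_eval": re.compile(r"\b(?:exec|eval|compile)\s*\("),
    "os_subprocess": re.compile(r"\b(?:os|subprocess|ctypes|socket|sys)\b"),
    "file_io": re.compile(r"\bopen\s*\("),
}


def is_python_code_node(node: dict) -> bool:
    """True for Code nodes configured for Python (assumed field names)."""
    if not str(node.get("type", "")).endswith(".code"):
        return False
    language = str(node.get("parameters", {}).get("language", ""))
    return language.lower().startswith("python")


def audit_workflow(workflow: dict) -> list:
    """Return one finding per Python Code node that matches a risky pattern."""
    findings = []
    for node in workflow.get("nodes", []):
        if not is_python_code_node(node):
            continue
        code = node.get("parameters", {}).get("pythonCode", "")
        hits = sorted(name for name, pat in RISKY_PATTERNS.items() if pat.search(code))
        if hits:
            findings.append({
                "workflow": workflow.get("name", "?"),
                "node": node.get("name", "?"),
                "hits": hits,
            })
    return findings


def audit_export(export_text: str) -> list:
    """Audit a JSON export holding either one workflow or a list of them."""
    data = json.loads(export_text)
    workflows = data if isinstance(data, list) else [data]
    findings = []
    for wf in workflows:
        findings.extend(audit_workflow(wf))
    return findings


# Constructed sample export: one benign workflow, one planted with an escape attempt.
SAMPLE_EXPORT = json.dumps([
    {
        "name": "invoice-totals",
        "nodes": [
            {"name": "Sum", "type": "n8n-nodes-base.code",
             "parameters": {"language": "python",
                            "pythonCode": "total = sum(i['json']['n'] for i in items)\nreturn [{'json': {'total': total}}]"}},
            {"name": "JS", "type": "n8n-nodes-base.code",
             "parameters": {"language": "javaScript", "jsCode": "return eval('1+1');"}},
        ],
    },
    {
        "name": "cleanup-task",
        "nodes": [
            {"name": "Tidy", "type": "n8n-nodes-base.code",
             "parameters": {"language": "python",
                            "pythonCode": "import os\nk = ().__class__.__base__.__subclasses__()\nreturn [{'json': {'d': os.listdir('/')}}]"}},
        ],
    },
])


if __name__ == "__main__":
    for f in audit_export(SAMPLE_EXPORT):
        print(f"{f['workflow']} / {f['node']}: {', '.join(f['hits'])}")
```

Run it over every workflow export (or a dump of the workflow table) after upgrading; a hit is a lead for incident response, not proof of compromise, since legitimate automations sometimes import `sys` or call `open(`. The JavaScript node in the sample is deliberately skipped, because this advisory concerns only the Python node.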


How to mitigate CVE-2026-27494

Install the security update from the vendor's website. Until the update is applied, limit who can create or edit workflows to trusted users, and prefer running Task Runners in external mode (a separate process or container) over internal mode so that a sandbox escape cannot reach the n8n host process and its credentials. After patching, review existing workflows for Python Code nodes that were added or changed by unexpected users.
