CRITICAL🇵🇱 Wersja polska

CVE-2025-68668

CVSS 9.9v3.1pub. 2025-12-26upd. 2026-01-05

n8n is an open source workflow automation platform. From version 1.0.0 to before 2.0.0, a sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide. An authenticated user with permission to create or modify workflows can exploit this vulnerability to execute arbitrary commands on the host system running n8n, using the same privileges as the n8n process. This issue has been patched in version 2.0.0. Workarounds for this issue involve disabling the Code Node by setting the environment variable NODES_EXCLUDE: "[\"n8n-nodes-base.code\"]", disabling Python support in the Code node by setting the environment variable N8N_PYTHON_ENABLED=false, which was introduced in n8n version 1.104.0, and configuring n8n to use the task runner based Python sandbox via the N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER environment variables.

🤖 AI Analysis
How it works

The Code Node in n8n allows running Python code in a Pyodide environment, which is intended to act as an isolated sandbox. The vulnerability consists of the ability to bypass this isolation (CWE-693: Protection Mechanism Failure), allowing an attacker to escape the sandbox boundaries. An authenticated user with permissions to create or modify workflows can craft malicious Python code that executes with the privileges of the n8n process directly on the host operating system.

Impact

An attacker can execute arbitrary system commands on the server hosting n8n with the privileges of the n8n process, which may lead to complete host takeover, data theft, malware installation, or lateral movement in the network.

Mitigation & patch

n8n should be updated to version 2.0.0 or newer. As a workaround (for version 1.x): (1) disable the Code Node by setting the environment variable NODES_EXCLUDE: "[\"n8n-nodes-base.code\"]"; (2) disable Python support in Code Node by setting N8N_PYTHON_ENABLED=false (available from version 1.104.0); (3) configure n8n to use a Python sandbox based on task runner through environment variables N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER.

Who is affected

n8n in versions from 1.0.0 to < 2.0.0 (open source workflow automation platform) with the Code Node enabled supporting Python (Pyodide)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
  • N8n

    APP
    N8N
    1.0.0 – 2.0.0 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-68613CRITICAL9.9⚠ KEVPL ✓ten sam produkt

RCE w systemie ewaluacji wyrażeń n8n — krytyczna podatność

CVE-2026-44791CRITICAL9.4PL ✓ten sam produkt

RCE w n8n poprzez ominięcie łatki CVE-2026-42232 w węźle XML

CVE-2026-44789CRITICAL9.4PL ✓ten sam produkt

n8n: prototype pollution w HTTP Request node prowadzący do RCE

CVE-2026-44790CRITICAL9.4PL ✓ten sam produkt

Wstrzyknięcie flag CLI w węźle Git platformy n8n — odczyt dowolnych plików

CVE-2026-42231CRITICAL9.4PL ✓ten sam produkt

Prototype Pollution w n8n prowadzące do RCE przez webhook handler