Headline
GHSA-62r4-hw23-cc8v: n8n Vulnerable to Arbitrary Command Execution in Pyodide based Python Code Node
Impact
A sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide.
An authenticated user with permission to create or modify workflows can exploit this vulnerability to execute arbitrary commands on the host system running n8n, using the same privileges as the n8n process.
Patches
In n8n version 1.111.0, a task-runner-based native Python implementation was introduced as an optional feature, providing a more secure isolation model.
To enable it on a 1.111.0 or later 1.x release, set both the N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER environment variables; enabling task runners alone does not switch Python execution away from Pyodide.
This implementation became the default starting with n8n version 2.0.0.
Workarounds
- Disable the Code Node by setting the environment variable NODES_EXCLUDE: "[\"n8n-nodes-base.code\"]" (Docs)
- Disable Python support in the Code node by setting the environment variable N8N_PYTHON_ENABLED=false, which was introduced in n8n version 1.104.0.
- Configure n8n to use the task runner based Python sandbox via the N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER environment variables. (Docs)
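The three workarounds above only close the Pyodide path if the resulting environment actually takes effect, and the task-runner option needs two variables, not one. The following shell function is an added example (not part of the advisory or the n8n project) that evaluates a given set of those variables and reports whether the Pyodide-based Python Code node is still reachable. It assumes the 1.x defaults N8N_PYTHON_ENABLED=true, N8N_RUNNERS_ENABLED=false and N8N_NATIVE_PYTHON_RUNNER=false with NODES_EXCLUDE unset, compares values as the literal strings "true"/"false", and conservatively treats "runners enabled without the native Python runner" as still exposed, since the advisory requires both variables for the mitigation.

```shell
#!/usr/bin/env bash
# Added example; not from the advisory or from n8n itself.
# Decide whether the Pyodide Python Code node path is still reachable on an
# n8n 1.x instance, given the environment variables the advisory names.
#
# Usage: pyodide_mitigated PYTHON_ENABLED RUNNERS_ENABLED NATIVE_PYTHON_RUNNER NODES_EXCLUDE
# Prints a one-line verdict. Returns 0 when one of the advisory's
# workarounds is in effect, 1 when the Pyodide path is still exposed.
pyodide_mitigated() {
  # Assumed 1.x defaults when a variable is unset (assumption, not from the advisory).
  local python_enabled="${1:-true}"
  local runners_enabled="${2:-false}"
  local native_runner="${3:-false}"
  local nodes_exclude="${4:-}"

  # Workaround 1: the whole Code node is blocked via NODES_EXCLUDE.
  case "$nodes_exclude" in
    *n8n-nodes-base.code*)
      echo "mitigated: Code node blocked via NODES_EXCLUDE"
      return 0 ;;
  esac

  # Workaround 2: Python support in the Code node is switched off
  # (N8N_PYTHON_ENABLED exists from 1.104.0).
  if [ "$python_enabled" = "false" ]; then
    echo "mitigated: Python disabled via N8N_PYTHON_ENABLED=false"
    return 0
  fi

  # Workaround 3: task-runner native Python (1.111.0+) replaces Pyodide,
  # but only when BOTH variables are set.
  if [ "$runners_enabled" = "true" ] && [ "$native_runner" = "true" ]; then
    echo "mitigated: Python runs in the native task runner, not Pyodide"
    return 0
  fi

  if [ "$runners_enabled" = "true" ]; then
    # Conservative: runners alone are not listed as a workaround.
    echo "exposed: task runners enabled but N8N_NATIVE_PYTHON_RUNNER is not true"
  else
    echo "exposed: Pyodide Python Code node reachable with defaults"
  fi
  return 1
}

# Evaluate the variables of the current process environment, e.g. inside the
# n8n container: docker exec <container> bash -c "$(cat this_script.sh); check_current_env"
check_current_env() {
  pyodide_mitigated "${N8N_PYTHON_ENABLED:-true}" \
                    "${N8N_RUNNERS_ENABLED:-false}" \
                    "${N8N_NATIVE_PYTHON_RUNNER:-false}" \
                    "${NODES_EXCLUDE:-}"
}

# Run stand-alone: report on the current environment.
if [ "${BASH_SOURCE[0]}" = "$0" ]; then
  check_current_env
fi
```

Run it with the container's environment rather than the host's, because n8n reads these variables from its own process. A docker-compose environment block that satisfies the check on 1.111.0 or later reads N8N_RUNNERS_ENABLED: "true" and N8N_NATIVE_PYTHON_RUNNER: "true"; on 1.104.0 through 1.110.x the only options are N8N_PYTHON_ENABLED: "false" or the NODES_EXCLUDE entry shown above.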
Resources
- n8n documentation: Blocking access to nodes
- n8n documentation: Code Node (Python)
- n8n documentation: Task Runners
References
- GHSA-62r4-hw23-cc8v