Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials
#Vulnerabilities

Security Reporter

Multiple critical vulnerabilities in the n8n workflow automation platform could allow attackers to execute arbitrary code and access sensitive credentials, with patches now available.

Cybersecurity researchers have disclosed critical vulnerabilities in the popular n8n workflow automation platform that could enable remote code execution and exposure of stored credentials. The security flaws, affecting both self-hosted and cloud deployments, have been patched in recent updates, but organizations using affected versions should prioritize immediate remediation.

The most severe are CVE-2026-27577 (CVSS score: 9.4) and CVE-2026-27493 (CVSS score: 9.5). The first gives an authenticated user remote code execution on the n8n host on its own; the second is reachable without any authentication and leads to the same outcome when chained with a sandbox escape. Two further critical flaws, CVE-2026-27495 and CVE-2026-27497, were fixed in the same security updates.

Expression Sandbox Escape Leads to Remote Code Execution

"CVE-2026-27577 is a sandbox escape in the expression compiler: a missing case in the AST rewriter lets process slip through untransformed, giving any authenticated expression full RCE," explained Eilon Cohen, a researcher at Pillar Security who discovered and reported the vulnerabilities.

n8n compiles workflow expressions and rewrites their abstract syntax tree (AST) so that sandboxed code cannot reach dangerous Node.js globals. The rewriter had no case for the process object, so an expression that referenced process was handed to the runtime untransformed. From process an expression can reach the host environment and, through it, run arbitrary system commands, which turns the ability to write an expression, something every authenticated workflow editor has, into code execution on the machine running n8n.
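
As an added illustration of this bug class (not n8n's code and not the actual vulnerable rewriter), the following Node.js toy contrasts a sandbox that only neutralises a denylist of identifiers, with process left off the list, against one that admits nothing outside an allowlist. The expression syntax, the $json context name, the DEMO_ENCRYPTION_KEY variable and both lists are assumptions made for the demo:

```javascript
// Added toy illustration, not n8n's expression compiler: a sandbox that
// neutralises identifiers from a denylist before evaluating an expression,
// beside a version that only admits identifiers from an allowlist.
// Run with Node.js (node sandbox-demo.js).

// Constructed stand-in for a host secret such as N8N_ENCRYPTION_KEY (demo only).
process.env.DEMO_ENCRYPTION_KEY = 'demo-key-do-not-use';

// Identifiers the vulnerable rewriter knows about. `process` is deliberately
// missing, mirroring the "missing case" described in the advisory.
const DENYLIST = ['require', 'globalThis', 'Function', 'eval', 'this'];

// Everything an expression may reference in the hardened version.
const ALLOWLIST = ['$json', 'Math', 'JSON', 'true', 'false', 'null', 'undefined'];

// Identifiers that are not property names (not preceded by "." or another identifier char).
const IDENT = /(?<![.\w$])[A-Za-z_$][\w$]*/g;

// Blank out string literals so words inside them are not mistaken for identifiers.
function stripStrings(expr) {
  return expr.replace(/"(?:[^"\\]|\\.)*"|'(?:[^'\\]|\\.)*'/g, '""');
}

// Vulnerable: rewrite only known-bad identifiers, then evaluate whatever is left.
// Anything not on the denylist, including `process`, reaches the real runtime.
function evalDenylist(expr, $json) {
  const rewritten = expr.replace(IDENT, (id) => (DENYLIST.includes(id) ? 'undefined' : id));
  return new Function('$json', `"use strict"; return (${rewritten});`)($json);
}

// Hardened: refuse any identifier that is not explicitly allowed, before evaluating.
function evalAllowlist(expr, $json) {
  const ids = stripStrings(expr).match(IDENT) || [];
  const bad = ids.filter((id) => !ALLOWLIST.includes(id));
  if (bad.length > 0) throw new Error(`identifier not allowed: ${bad.join(', ')}`);
  return new Function('$json', `"use strict"; return (${expr});`)($json);
}

// Benign workflow expression: both sandboxes evaluate it.
evalDenylist('$json.name.toUpperCase()', { name: 'alice' });
// The missing case: the denylist sandbox reads a host secret from process.env.
evalDenylist('process.env.DEMO_ENCRYPTION_KEY', {});
// The allowlist sandbox rejects the same expression before it is evaluated.
try { evalAllowlist('process.env.DEMO_ENCRYPTION_KEY', {}); } catch (e) { /* rejected */ }
```

An identifier allowlist closes this particular slip but is not a complete sandbox: a real compiler must also stop prototype walks that reach Function through an object's constructor, which is one reason the text recommends patching rather than relying on workarounds.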

The impact is particularly concerning because n8n is often used to automate critical business processes and frequently handles sensitive credentials. An attacker exploiting this vulnerability could potentially:

  • Execute arbitrary code on the n8n host
  • Access the underlying operating system
  • Escalate privileges to gain broader network access
  • Deploy additional malware or backdoors

Unauthenticated Expression Evaluation via Form Nodes

CVE-2026-27493 presents an even more dangerous attack vector because it doesn't require authentication. Pillar Security described this as a "double-evaluation bug" in n8n's Form nodes that could be abused for expression injection.

What makes this exploitable without credentials is that n8n's form endpoints are public by design: submitting one needs no n8n account. Fields such as Name are therefore fully attacker-controlled, and because the Form node evaluates their contents a second time, input that looks like an n8n expression is treated as one. On its own that is expression injection; combined with a sandbox escape it becomes shell command execution on the host, which is why a public "Contact Us" form is enough to reach the vulnerable code path.

"All it takes for successful exploitation is to leverage a public 'Contact Us' form to execute arbitrary shell commands by simply providing a payload as input into the Name field," Cohen noted.

When chained with an expression sandbox escape like CVE-2026-27577, this vulnerability could "escalate to remote code execution on the n8n host," according to n8n's advisory.
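
An added example, not n8n's Form node code, showing the double-evaluation pattern with a deliberately tiny placeholder renderer in Node.js: the renderer resolves {{ path }} placeholders against a context object, and running its output through it a second time lets placeholders supplied in a form field be resolved too. The placeholder syntax, the context layout and the secrets.apiKey value are constructed for the demo:

```javascript
// Added toy illustration of a "double-evaluation" template bug. Not n8n code.
// Run with Node.js (node double-eval-demo.js).

// Constructed context standing in for workflow data plus stored secrets.
const CONTEXT = {
  form: { name: '' },                       // filled in per submission below
  secrets: { apiKey: 'sk-demo-not-real' },  // constructed secret, demo only
};

// {{ some.dotted.path }} placeholders.
const PLACEHOLDER = /\{\{\s*([\w$]+(?:\.[\w$]+)*)\s*\}\}/g;

// Resolve a dotted path such as "secrets.apiKey" in ctx; unknown paths yield undefined.
function lookup(ctx, path) {
  return path.split('.').reduce((cur, key) => (cur == null ? undefined : cur[key]), ctx);
}

// Single pass: substitute each placeholder once and treat the result as plain text.
function renderOnce(template, ctx) {
  return template.replace(PLACEHOLDER, (_, path) => {
    const v = lookup(ctx, path);
    return v === undefined ? '' : String(v);
  });
}

// Vulnerable: the rendered output, which now contains user-supplied text, is
// fed through the renderer again, so placeholders inside that text get resolved.
function renderTwice(template, ctx) {
  return renderOnce(renderOnce(template, ctx), ctx);
}

// The workflow's fixed template; only form.name is meant to be substituted.
const TEMPLATE = 'Thanks for contacting us, {{ form.name }}!';

// Simulate a public form submission: the Name field is attacker-controlled.
function submitForm(nameField, renderer) {
  const ctx = { ...CONTEXT, form: { name: nameField } };
  return renderer(TEMPLATE, ctx);
}

// A benign name renders identically under both renderers.
submitForm('Alice', renderTwice);
// A crafted Name field pulls a secret out of the context under double evaluation...
submitForm('{{ secrets.apiKey }}', renderTwice);
// ...but stays inert text under single-pass rendering.
submitForm('{{ secrets.apiKey }}', renderOnce);
```

The fix is structural rather than a filter on the Name field: render exactly once and never pass already-rendered output back into the evaluator, so anything that arrived as data stays data.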

Additional Critical Vulnerabilities Fixed

The security updates also addressed two other critical vulnerabilities:

CVE-2026-27495 (CVSS 9.4): An authenticated user with workflow creation/modification permissions could exploit a code injection vulnerability in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox boundary.

CVE-2026-27497 (CVSS 9.4): An authenticated user could leverage the Merge node's SQL query mode to execute arbitrary code and write arbitrary files on the n8n server.

Credential Exposure Risk

Perhaps most concerning is that these vulnerabilities could be exploited to access n8n's encryption keys and decrypt stored credentials.

"An attacker could exploit these flaws to read the N8N_ENCRYPTION_KEY environment variable and use it to decrypt every credential stored in n8n's database, including AWS keys, database passwords, OAuth tokens, and API keys," Pillar Security warned.

This represents a significant risk for organizations that use n8n to manage integrations with various services, as compromised credentials could provide attackers with access to numerous other systems and data.

Affected Versions and Patches

The following versions of n8n are affected:

  • < 1.123.22
  • >= 2.0.0, < 2.9.3
  • >= 2.10.0, < 2.10.1

Patches have been released in versions:

  • 1.123.22
  • 2.9.3
  • 2.10.1

Immediate Mitigation Strategies

For organizations unable to immediately patch the vulnerabilities, n8n and security researchers recommend several mitigation strategies:

For CVE-2026-27577:

  • Limit workflow creation and editing permissions to fully trusted users
  • Deploy n8n in a hardened environment with restricted OS privileges and network access

For CVE-2026-27493:

  • Manually review workflows that use Form nodes for the preconditions described in n8n's advisory
  • Disable the Form node by adding n8n-nodes-base.form to the NODES_EXCLUDE environment variable
  • Disable the Form Trigger node by adding n8n-nodes-base.formTrigger to the NODES_EXCLUDE environment variable

"These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures," the n8n maintainers cautioned.

For CVE-2026-27495:

  • Use external runner mode (N8N_RUNNERS_MODE=external) to limit the blast radius

For CVE-2026-27497:

  • Disable the Merge node by adding n8n-nodes-base.merge to the NODES_EXCLUDE environment variable
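
An added helper (not part of n8n) that a practitioner can run to check an installed version against the affected ranges listed above and to see which of the interim mitigations are switched on in the environment. It assumes NODES_EXCLUDE holds a JSON-encoded array of node type names, as n8n's documentation describes, and takes the version to check as a command-line argument:

```javascript
// Added check script, not part of n8n. Run with Node.js:
//   NODES_EXCLUDE='["n8n-nodes-base.form","n8n-nodes-base.formTrigger"]' \
//   N8N_RUNNERS_MODE=external node n8n-check.js 2.9.2

// Affected ranges from the advisory: min inclusive, max exclusive, and the fixed release.
const AFFECTED = [
  { min: '0.0.0',  max: '1.123.22', fixed: '1.123.22' },
  { min: '2.0.0',  max: '2.9.3',    fixed: '2.9.3' },
  { min: '2.10.0', max: '2.10.1',   fixed: '2.10.1' },
];

// Node types the advisory says to exclude, and the CVE each exclusion mitigates.
const NODE_EXCLUSIONS = [
  { cve: 'CVE-2026-27493', node: 'n8n-nodes-base.form' },
  { cve: 'CVE-2026-27493', node: 'n8n-nodes-base.formTrigger' },
  { cve: 'CVE-2026-27497', node: 'n8n-nodes-base.merge' },
];

// "1.123.22" or "v2.9.3" -> [1, 123, 22]; anything else is rejected.
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(String(v).trim());
  if (!m) throw new Error(`unparseable version: ${v}`);
  return m.slice(1).map(Number);
}

// Compare two [major, minor, patch] tuples: negative, zero or positive.
function compareVersions(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] - b[i];
  return 0;
}

// The patched release to move to, or null when the version is outside every affected range.
function affectedBy(version) {
  const v = parseVersion(version);
  for (const r of AFFECTED) {
    if (compareVersions(v, parseVersion(r.min)) >= 0 &&
        compareVersions(v, parseVersion(r.max)) < 0) {
      return r.fixed;
    }
  }
  return null;
}

// NODES_EXCLUDE is assumed to be a JSON array of node type names (per n8n docs).
// Anything unparseable is treated as "nothing excluded", the conservative reading.
function parseNodesExclude(raw) {
  if (!raw) return [];
  try {
    const parsed = JSON.parse(raw);
    return Array.isArray(parsed) ? parsed.map(String) : [];
  } catch {
    return [];
  }
}

// Build a report from the installed version and an env object shaped like process.env.
function assess(version, env) {
  const fixed = affectedBy(version);
  const excluded = new Set(parseNodesExclude(env.NODES_EXCLUDE));
  const stillEnabled = NODE_EXCLUSIONS.filter((m) => !excluded.has(m.node));
  return {
    affected: fixed !== null,
    upgradeTo: fixed,
    nodesStillEnabled: stillEnabled.map((m) => `${m.node} (${m.cve})`),
    // External runner mode is the advisory's blast-radius mitigation for CVE-2026-27495.
    externalRunners: env.N8N_RUNNERS_MODE === 'external',
  };
}

// Stand-alone use: node n8n-check.js <installed-version>
if (process.argv[2] && /^v?\d+\.\d+\.\d+/.test(process.argv[2])) {
  console.log(JSON.stringify(assess(process.argv[2], process.env), null, 2));
}
```

Pass the version your instance reports. A non-null upgradeTo is the patched release to move to; anything listed in nodesStillEnabled is a Form, Form Trigger or Merge node type that has not been excluded, and externalRunners being false means the Task Runner sandbox still shares the main n8n process.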

Best Practices for Securing n8n Deployments

Beyond patching these specific vulnerabilities, organizations should consider implementing these security best practices for n8n:

  1. Principle of Least Privilege: Restrict user permissions to only what's necessary for their roles
  2. Network Segmentation: Isolate n8n instances in separate network zones
  3. Regular Security Audits: Periodically review workflows and node usage for potential security issues
  4. Credential Management: Use external secret management solutions rather than storing credentials directly in n8n
  5. Monitoring and Logging: Implement comprehensive logging and monitoring for suspicious activity
  6. Environment Hardening: Run n8n with minimal privileges and restrict access to necessary resources only

The Bigger Picture: Workflow Automation Security

These vulnerabilities highlight the critical security challenges in workflow automation platforms. As organizations increasingly rely on tools like n8n to connect disparate systems and automate critical processes, the security of these platforms becomes paramount.

"Workflow automation platforms like n8n often sit at the center of an organization's digital infrastructure, connecting numerous services and handling sensitive data," said Cohen. "Security in these platforms isn't just about protecting the platform itself, but about protecting the entire ecosystem of connected systems."

Organizations should treat workflow automation platforms with the same security considerations as other critical infrastructure components, including regular security assessments, prompt patching, and robust access controls.

For more information on the vulnerabilities and remediation steps, organizations should consult the official n8n security advisory and the Pillar Security research report.

The disclosure of these vulnerabilities serves as a reminder that as workflow automation becomes increasingly central to business operations, the security of these platforms must be a top priority for organizations of all sizes.
