Two High-Severity N8n Flaws Allow Authenticated Remote Code Execution

Two high-severity vulnerabilities in the n8n workflow automation platform could lead to remote code execution by authenticated users. Discovered by JFrog Security Research, these vulnerabilities include CVE-2026-1470 (eval injection, CVSS 9.9) and CVE-2026-0863 (Python task executor bypass, CVSS 8.5). Exploiting these flaws may allow attackers to gain full control of n8n instances, especially in internal execution mode. Users are advised to update to specific safe versions to mitigate these risks.

https://thehackernews.com/2026/01/two-high-severity-n8n-flaws-allow.html

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top