Critical n8n Vulnerability - Attackers Can Execute Code Remotely
There's a big hole in a popular tool that helps people automate tasks online. If bad guys find a way in, they can take control of the whole system without anyone noticing. It's like leaving a door unlocked in a house; anyone with a key can walk right in and do whatever they want. The people who made the tool have fixed the problem, but everyone needs to update their systems quickly to stay safe.
A critical vulnerability in n8n allows attackers to execute code remotely, posing severe risks to enterprise automation environments.
A critical security flaw in n8n, a widely used open-source workflow automation platform, exposes host servers to Remote Code Execution (RCE) attacks. Tracked as CVE-2026-33660, this vulnerability allows authenticated threat actors to bypass built-in security restrictions, access sensitive data, and ultimately compromise the entire underlying host instance. The core of the vulnerability resides within the 'Merge' node of n8n workflows, specifically when users activate the 'Combine by SQL' mode. n8n uses an AlaSQL sandbox to execute these SQL operations safely. However, security researchers discovered that this sandbox fails to restrict specific SQL statements adequately. Attackers can feed malicious instructions through the node due to improper control over code generation from externally influenced input (CWE-94: Code Injection). If an attacker has baseline permission to create or modify workflows, they can exploit this sandbox escape to read local files directly from the n8n host system. From there, they can easily escalate the attack to execute arbitrary code remotely, gaining deep administrative access to the server infrastructure. Earning a critical severity rating across both CVSS 3.1 and CVSS 4.0 frameworks, CVE-2026-33660 represents a severe risk to enterprise automation environments. The attack vector is strictly network-based and features low attack complexity, requiring no user interaction and relying only on low-level privileges. Once an attacker breaches any account capable of workflow editing, they can pivot to full server takeover, compromising system confidentiality, integrity, and availability. New reports indicate that this vulnerability has already been exploited in the wild, leading to unauthorized access in several organizations, underscoring the urgency for immediate action. The n8n development team has officially addressed the issue in their latest releases on GitHub. Security teams and system administrators are strongly urged to update their instances immediately to prevent exploitation. If immediate patching disrupts business operations, administrators must deploy temporary mitigations to reduce exposure. Organizations should audit user access and strictly limit workflow creation and modification permissions to fully trusted personnel only. Furthermore, administrators can turn off the vulnerable component entirely by appending n8n-nodes-base.merge to the NODES_EXCLUDE environment variable. While these workarounds offer short-term protection, n8n warns that they do not fully eliminate the risk. Applying the official patches remains the only permanent remediation strategy against this threat.