Critical Vulnerability in n8n Platform - Cyber Security Agency of Singapore

Home Alerts & Advisories Alerts Critical Vulnerability in n8n Platform Alerts Critical Vulnerability in n8n Platform 6 February 2026 n8n has released security update addressing a critical vulnerability in n8n open-source workflow automation platform. Users and administrators of affected products are advised to update to the latest version immediately. Background n8n has released security update addressing a critical vulnerability (CVE-2026-25049) in n8n open-source workflow automation platform.  Impact Successful exploitation of this vulnerability could allow an attacker to perform full remote code execution within affected n8n environments potentially leading to unauthorised access, data compromise, or disruption of workflows and connected systems. Affected Products The vulnerability affects n8n versions prior to 1.123.17 and 2.5.2.  Recommendations Users and administrators of affected products are advised to update to the latest version immediately. If immediate patching is not feasible, administrators should consider the following temporary mitigations: Limit workflow creation and editing permissions to fully trusted users only. Deploy n8n in a hardened environment with restricted operating system privileges and network access to reduce the impact of a potential exploitation. These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures. References https://www.bleepingcomputer.com/news/security/critical-n8n-flaws-disclosed-along-with-public-exploits/ https://feedly.com/cve/CVE-2026-25049 https://nvd.nist.gov/vuln/detail/CVE-2026-25049 Back to top