CVE-2026-25115: CWE-693: Protection Mechanism Failure in n8n-io n8n
n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. This issue has been patched in version 2.4.8.
AI Analysis
Technical Summary
CVE-2026-25115 is a critical vulnerability in the n8n open source workflow automation platform, affecting versions prior to 2.4.8. The flaw is in the Python Code node, which executes user-provided Python scripts inside a sandbox intended to prevent access to the host system. Because of a protection mechanism failure (CWE-693), authenticated users can bypass the sandbox restrictions and execute arbitrary code on the host, outside the intended security boundary. Exploitation requires an authenticated account but no further user interaction, so a single compromised or malicious account is enough. The CVSS 4.0 vector indicates a network attack vector (AV:N), low attack complexity (AC:L), low privileges required (PR:L), no user interaction (UI:N), and high impact on confidentiality, integrity, and availability (VC:H/VI:H/VA:H). The CVE was reserved on January 29, 2026, and published on February 4, 2026. No exploitation in the wild has been reported yet, but arbitrary code execution on the host could lead to full system compromise, data theft, or disruption of automated workflows. The issue is patched in n8n version 2.4.8, which enforces proper sandboxing and code execution restrictions.
Potential Impact
For European organizations, the impact of this vulnerability can be substantial, especially for those leveraging n8n for critical business process automation, data integration, and workflow orchestration. Exploitation could lead to unauthorized access to sensitive data, manipulation or destruction of automated workflows, and potential lateral movement within internal networks. This could disrupt business operations, cause data breaches, and result in regulatory non-compliance under GDPR due to compromised data confidentiality and integrity. Organizations in sectors such as finance, healthcare, manufacturing, and government that rely on automation platforms are particularly at risk. Additionally, the vulnerability could be leveraged as a foothold for further attacks, including ransomware deployment or espionage. The lack of required user interaction and the ability to exploit remotely over the network increase the threat level. Even though no known exploits are currently active, the critical severity and ease of exploitation necessitate immediate attention to prevent future incidents.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should immediately upgrade all instances of n8n to version 2.4.8 or later, where the sandbox escape issue has been patched. Until upgrades are completed, restrict access to the n8n platform by enforcing strong authentication mechanisms, such as multi-factor authentication (MFA), and limit user permissions to the minimum necessary, especially restricting access to the Python Code node. Implement network segmentation to isolate n8n servers from sensitive internal systems and monitor network traffic for unusual activity indicative of exploitation attempts. Employ application-level monitoring and logging to detect anomalous Python code execution or unexpected system calls originating from the Python Code node. Regularly audit user accounts and review workflow configurations to identify and remove unnecessary or risky scripts. Additionally, consider deploying runtime application self-protection (RASP) or endpoint detection and response (EDR) solutions to detect and block suspicious behaviors. Finally, maintain an incident response plan tailored to automation platform compromises to enable rapid containment and recovery.
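The upgrade and access-restriction advice above can be turned into a repeatable check. The following Python script is an added example, not code from the advisory or from the n8n project: it compares an inventory of instance versions against the fixed release 2.4.8 (treating prereleases of 2.4.8 as unfixed) and lists the Python Code nodes in an exported workflow so their use can be reviewed while older instances remain. The workflow JSON layout, the node type string n8n-nodes-base.code, the parameters.language field and its JavaScript default are assumptions about n8n's export format, and the inventory and workflow are constructed sample data.

```python
"""Defender-side triage for CVE-2026-25115.

Added example, not n8n project code and not part of the advisory. Two checks
that run offline from an inventory and exported workflow JSON:
  1. flag n8n instances whose version is below the fixed release 2.4.8
  2. list Python Code nodes in a workflow export so their use can be reviewed
     and restricted until every instance is upgraded.

Assumptions not taken from the advisory (verify against your own exports):
  - workflow exports are JSON with a top-level "nodes" list
  - the Code node has type "n8n-nodes-base.code"
  - its parameters.language field names the language and defaults to JavaScript
"""
import json
import re

FIXED_VERSION = (2, 4, 8)                       # from the advisory
CODE_NODE_TYPE = "n8n-nodes-base.code"          # assumption
PYTHON_LANGUAGES = {"python", "pythonnative"}   # assumption, matched case-insensitively

_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.]+))?$")


def parse_version(text: str) -> tuple[int, int, int, bool]:
    """Parse '2.4.8', 'v2.4.8' or '2.4.8-rc.1' into a comparable tuple.

    The last element is True for a final release and False for a prerelease,
    so '2.4.8-rc.1' sorts below '2.4.8' and is treated as not yet fixed.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised n8n version string: {text!r}")
    major, minor, patch, prerelease = m.groups()
    return int(major), int(minor), int(patch), prerelease is None


def is_vulnerable(version: str) -> bool:
    """True when the instance runs a build older than the 2.4.8 release."""
    return parse_version(version) < (*FIXED_VERSION, True)


def triage_fleet(inventory: dict[str, str]) -> list[str]:
    """Return the hostnames (sorted) whose n8n version is still affected."""
    return sorted(host for host, ver in inventory.items() if is_vulnerable(ver))


def python_code_nodes(workflow_json: str) -> list[str]:
    """Return the names of Code nodes in a workflow export that run Python."""
    workflow = json.loads(workflow_json)
    hits = []
    for node in workflow.get("nodes", []):
        if node.get("type") != CODE_NODE_TYPE:
            continue
        # Assumption: a Code node without an explicit language runs JavaScript.
        language = str(node.get("parameters", {}).get("language", "javaScript"))
        if language.lower() in PYTHON_LANGUAGES:
            hits.append(node.get("name", "<unnamed>"))
    return hits


# Constructed sample data; host names and versions are made up.
SAMPLE_INVENTORY = {
    "n8n-prod-01": "2.4.7",
    "n8n-prod-02": "v2.4.8",
    "n8n-staging": "2.4.8-rc.1",
    "n8n-dev": "2.5.0",
    "n8n-legacy": "1.96.1",
}

# Constructed workflow export following the assumed layout described above.
SAMPLE_WORKFLOW = json.dumps({
    "name": "Order scoring (constructed)",
    "nodes": [
        {"name": "Fetch orders", "type": "n8n-nodes-base.httpRequest", "parameters": {}},
        {"name": "Normalise", "type": CODE_NODE_TYPE, "parameters": {"language": "javaScript"}},
        {"name": "Score risk", "type": CODE_NODE_TYPE, "parameters": {"language": "python"}},
        {"name": "Legacy transform", "type": CODE_NODE_TYPE, "parameters": {}},
    ],
})

if __name__ == "__main__":
    for host in triage_fleet(SAMPLE_INVENTORY):
        print(f"UPGRADE NEEDED: {host} runs {SAMPLE_INVENTORY[host]} (< 2.4.8)")
    for name in python_code_nodes(SAMPLE_WORKFLOW):
        print(f"REVIEW: Python Code node '{name}' in workflow export")
```

Feed triage_fleet the version strings your monitoring already collects from each instance, and run python_code_nodes over workflow exports from the same hosts; the intersection of affected hosts and workflows that still use Python Code nodes is the list to act on first.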
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Italy, Spain, Belgium, Poland, Finland
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-01-29T14:03:42.539Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 69837ea2f9fa50a62f9d1925
Added to database: 2/4/2026, 5:15:14 PM
Last enriched: 2/4/2026, 5:29:29 PM
Last updated: 2/6/2026, 5:59:30 PM
Views: 74
Related Threats
- CVE-2026-1769: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Xerox CentreWare (Medium)
- CVE-2026-2059: SQL Injection in SourceCodester Medical Center Portal Management System (Medium)
- CVE-2025-13523: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Mattermost Mattermost Confluence Plugin (High)
- CVE-2026-2103: CWE-321 in Infor SyteLine ERP (High)
- CVE-2026-2058: SQL Injection in mathurvishal CloudClassroom-PHP-Project (Medium)