
CVE-2026-27493: CWE-94: Improper Control of Generation of Code ('Code Injection') in n8n-io n8n

Severity: Critical
Tags: Vulnerability, CVE-2026-27493, CWE-94, CWE-95
Published: Wed Feb 25 2026 (02/25/2026, 22:05:00 UTC)
Source: CVE Database V5
Vendor/Project: n8n-io
Product: n8n

Description

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, a second-order expression injection vulnerability existed in n8n's Form nodes that could allow an unauthenticated attacker to inject and evaluate arbitrary n8n expressions by submitting crafted form data. When chained with an expression sandbox escape, this could escalate to remote code execution on the n8n host. The vulnerability requires a specific workflow configuration to be exploitable. First, a form node with a field interpolating a value provided by an unauthenticated user, e.g. a form-submitted value. Second, the field value must begin with an `=` character, which caused n8n to treat it as an expression and triggered a double evaluation of the field content. There is no practical reason for a workflow designer to prefix a field with `=` intentionally — the character is not rendered in the output, so the result would not match the designer's expectations. If added accidentally, it would be noticeable and very unlikely to persist. An unauthenticated attacker would need to either know about this specific circumstance on a target instance or discover a matching form by chance. Even when the preconditions are met, the expression injection alone is limited to data accessible within the n8n expression context. Escalation to remote code execution requires chaining with a separate sandbox escape vulnerability. The issue has been fixed in n8n versions 2.10.1, 2.9.3, and 1.123.22. Users should upgrade to one of these versions or later to remediate the vulnerability. If upgrading is not immediately possible, administrators should consider the following temporary mitigations: review usage of form nodes manually for the above-mentioned preconditions, disable the Form node by adding `n8n-nodes-base.form` to the `NODES_EXCLUDE` environment variable, and/or disable the Form Trigger node by adding `n8n-nodes-base.formTrigger` to the `NODES_EXCLUDE` environment variable. These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.

AI-Powered Analysis

Machine-generated threat intelligence

Last updated: 03/05/2026, 09:59:32 UTC

Technical Analysis

CVE-2026-27493 is a critical vulnerability classified under CWE-94 (Improper Control of Generation of Code) and CWE-95 (Improper Neutralization of Directives in Dynamically Evaluated Code) affecting the n8n workflow automation platform. The vulnerability exists in n8n's Form nodes prior to versions 2.10.1, 2.9.3, and 1.123.22, where a second-order expression injection flaw allows an unauthenticated attacker to submit crafted form data that begins with an '=' character. This prefix causes n8n to interpret the input as an expression and evaluate it twice, enabling injection and evaluation of arbitrary n8n expressions. Exploitation requires a workflow configured with a form node that interpolates unauthenticated user input, a condition not commonly met and unlikely to persist unnoticed due to the unusual '=' prefix. The injected expressions are initially limited to the n8n expression context, restricting impact. However, if combined with a separate sandbox escape vulnerability, an attacker can escalate this to remote code execution on the host system running n8n. This chaining significantly increases the threat level. The vulnerability does not require authentication or user interaction, making it more dangerous. The issue has been addressed in the specified fixed versions, and users are strongly advised to upgrade. Temporary mitigations include manually reviewing workflows for vulnerable form nodes and disabling the Form and Form Trigger nodes via environment variable exclusions, though these do not fully eliminate risk. No known exploits have been reported in the wild as of the publication date.

Potential Impact

The vulnerability poses a critical risk to organizations using affected versions of n8n, as it allows unauthenticated attackers to inject and evaluate arbitrary expressions, potentially leading to remote code execution if combined with a sandbox escape. This can result in full compromise of the host system, including unauthorized access to sensitive data, disruption of automated workflows, and lateral movement within networks. Given n8n's role in automating business processes and integrating multiple services, exploitation could disrupt critical operations and lead to data breaches or service outages. The lack of authentication and user interaction requirements lowers the barrier for attackers, increasing the likelihood of exploitation in targeted environments. Organizations relying on n8n for workflow automation in cloud or on-premises deployments are at risk, especially if workflows include form nodes accepting unauthenticated input. The impact extends to confidentiality, integrity, and availability of systems and data, with potential cascading effects on connected services and infrastructure.

Mitigation Recommendations

The primary mitigation is to upgrade n8n installations to versions 2.10.1, 2.9.3, or 1.123.22 or later, where the vulnerability is fixed. Until upgrades can be performed, administrators should conduct a thorough manual audit of workflows to identify any form nodes that interpolate unauthenticated user input and check for fields starting with `=`. If such workflows exist, consider redesigning them to avoid this pattern or restrict access to trusted users only. As a temporary measure, disable the vulnerable Form node by adding `n8n-nodes-base.form` and the Form Trigger node by adding `n8n-nodes-base.formTrigger` to the `NODES_EXCLUDE` environment variable to prevent their use. This reduces attack surface but does not fully eliminate risk, so it should only be a short-term solution. Additionally, monitor n8n logs and network traffic for suspicious activity indicative of exploitation attempts. Implement network segmentation and host-based protections to limit potential damage from a successful compromise. Stay informed about any sandbox escape vulnerabilities that could be chained with this issue and apply patches promptly.
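The manual audit step above, as an added example that is not from n8n or the advisory: a Python script that walks exported workflow JSON, flags Form and Form Trigger nodes whose parameter strings start with `=` and reference data from an earlier node (the two preconditions named in the description), and checks whether `NODES_EXCLUDE` disables both node types. The workflow JSON layout (`nodes[].type`, `nodes[].parameters`), the interpolation markers, and the JSON-array format of `NODES_EXCLUDE` are assumptions; the sample workflow is constructed.

```python
import json
import re

# Node type identifiers named in the advisory's NODES_EXCLUDE mitigation.
FORM_NODE_TYPES = {"n8n-nodes-base.form", "n8n-nodes-base.formTrigger"}

# Assumed markers of an expression that pulls in data from an earlier node,
# such as a form submission: $json, $input, $('Node Name'). Not exhaustive.
INTERPOLATION_RE = re.compile(r"\$json|\$input|\$\(['\"]")

def _walk_strings(value, path=""):
    """Yield (dotted path, string) for every string nested in a parameter tree."""
    if isinstance(value, str):
        yield path, value
    elif isinstance(value, dict):
        for key, child in value.items():
            yield from _walk_strings(child, f"{path}.{key}" if path else key)
    elif isinstance(value, list):
        for i, child in enumerate(value):
            yield from _walk_strings(child, f"{path}[{i}]")

def find_risky_form_fields(workflow):
    """Flag Form / Form Trigger parameters that start with '=' (treated as an
    expression) and interpolate earlier-node data: the advisory's preconditions."""
    findings = []
    for node in workflow.get("nodes", []):
        if node.get("type") not in FORM_NODE_TYPES:
            continue
        for path, text in _walk_strings(node.get("parameters", {})):
            if text.startswith("=") and INTERPOLATION_RE.search(text):
                findings.append({"node": node.get("name"), "parameter": path, "value": text})
    return findings

def form_nodes_excluded(nodes_exclude):
    """True if NODES_EXCLUDE (assumed to hold a JSON array) disables both node types."""
    try:
        excluded = set(json.loads(nodes_exclude or "[]"))
    except (json.JSONDecodeError, TypeError):
        return False
    return FORM_NODE_TYPES <= excluded

# Constructed sample workflow: a Form node whose field label interpolates the
# value the Form Trigger received from an unauthenticated submitter.
SAMPLE_WORKFLOW = {"nodes": [
    {"name": "Form Trigger", "type": "n8n-nodes-base.formTrigger",
     "parameters": {"formFields": {"values": [{"fieldLabel": "Your name"}]}}},
    {"name": "Form", "type": "n8n-nodes-base.form",
     "parameters": {"formFields": {"values": [
         {"fieldLabel": "={{ $json['Your name'] }}"}]}}},
]}
```

Run `find_risky_form_fields` over each exported workflow and treat every hit as a candidate for manual review; the heuristic is intentionally broad, so it will also list ordinary expressions in form nodes.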


Technical Details

Data Version: 5.2
Assigner Short Name: GitHub_M
Date Reserved: 2026-02-19T19:46:03.542Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 699f7718b7ef31ef0b6119dc

Added to database: 2/25/2026, 10:26:32 PM

Last enriched: 3/5/2026, 9:59:32 AM

Last updated: 4/12/2026, 10:01:09 AM


