CVE-2026-27495: CWE-94: Improper Control of Generation of Code ('Code Injection') in n8n-io n8n
CVE-2026-27495 is a critical code injection vulnerability in the n8n workflow automation platform affecting versions prior to 2. 10. 1, 2. 9. 3, and 1. 123. 22. An authenticated user with workflow creation or modification permissions can exploit a flaw in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox. On default internal Task Runner mode, this leads to full host compromise, while external Task Runner mode limits impact to the runner environment. No user interaction or elevated privileges beyond workflow permissions are required, making exploitation straightforward for authorized users.
AI Analysis
Technical Summary
CVE-2026-27495 is a critical vulnerability classified under CWE-94 (Improper Control of Generation of Code) affecting the n8n open source workflow automation platform. The flaw exists in the JavaScript Task Runner sandbox implementation used by n8n to execute user-defined code within workflows. Prior to patched versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permissions to create or modify workflows can craft malicious JavaScript code that escapes the sandbox boundary, enabling arbitrary code execution on the host system. In the default configuration where internal Task Runners are used (enabled by default), this vulnerability allows full compromise of the n8n host, including potential access to underlying operating system resources and data. When external Task Runners are configured (enabled via N8N_RUNNERS_ENABLED=true and N8N_RUNNERS_MODE=external), exploitation may still allow access to or interference with other tasks running on the external runner, but the host system is better isolated. The vulnerability requires no additional user interaction beyond authentication and workflow permissions, making it highly exploitable by insiders or compromised accounts. The issue was publicly disclosed on February 25, 2026, with a CVSS 4.0 score of 9.4, indicating critical severity due to network attack vector, low complexity, no privileges required beyond workflow editing, and high impact on confidentiality, integrity, and availability. No known exploits in the wild have been reported yet. The recommended remediation is to upgrade to the fixed versions. If immediate upgrade is not feasible, administrators should restrict workflow creation and editing permissions to fully trusted users and consider switching to external runner mode to reduce the attack surface. These mitigations reduce but do not eliminate risk. The vulnerability highlights the dangers of executing user-supplied code in automation platforms without robust sandboxing and access controls.
Potential Impact
The impact of CVE-2026-27495 is severe for organizations using n8n, especially those running internal Task Runners. Exploitation can lead to full host compromise, allowing attackers to execute arbitrary code with the privileges of the n8n process, potentially leading to data theft, service disruption, lateral movement within the network, and deployment of further malware. For instances using external Task Runners, the attacker may disrupt or manipulate other running tasks, impacting workflow integrity and availability. Since the vulnerability requires only authenticated access with workflow editing permissions, insider threats or compromised user accounts pose a significant risk. Organizations with multiple users authorized to create or modify workflows are particularly vulnerable. The breach of confidentiality, integrity, and availability can affect business-critical automation processes, leading to operational downtime and reputational damage. The vulnerability's critical CVSS score reflects its potential to cause widespread harm if exploited. Given n8n's growing adoption in enterprise automation, the threat has global relevance, especially in sectors relying heavily on automated workflows such as finance, healthcare, and technology.
Mitigation Recommendations
To mitigate CVE-2026-27495, organizations should prioritize upgrading n8n to versions 2.10.1, 2.9.3, 1.123.22, or later, which contain the patch fixing the sandbox escape vulnerability. Until upgrades can be applied, administrators should enforce strict access controls by limiting workflow creation and modification permissions exclusively to fully trusted and vetted users to reduce the risk of malicious code injection. Additionally, configuring n8n to use external Task Runner mode (by setting N8N_RUNNERS_ENABLED=true and N8N_RUNNERS_MODE=external) can isolate task execution environments and limit the blast radius of any potential exploitation. Regularly auditing user permissions and monitoring workflow changes for suspicious activity can help detect attempts to exploit this vulnerability. Implementing network segmentation and host-based intrusion detection on n8n servers can further reduce risk. Finally, organizations should maintain up-to-date backups of workflows and system configurations to enable rapid recovery in case of compromise. These combined measures provide a layered defense beyond generic advice, addressing both prevention and detection.
Affected Countries
United States, Germany, United Kingdom, France, Canada, Australia, Netherlands, Japan, South Korea, India
CVE-2026-27495: CWE-94: Improper Control of Generation of Code ('Code Injection') in n8n-io n8n
Description
CVE-2026-27495 is a critical code injection vulnerability in the n8n workflow automation platform affecting versions prior to 2. 10. 1, 2. 9. 3, and 1. 123. 22. An authenticated user with workflow creation or modification permissions can exploit a flaw in the JavaScript Task Runner sandbox to execute arbitrary code outside the sandbox. On default internal Task Runner mode, this leads to full host compromise, while external Task Runner mode limits impact to the runner environment. No user interaction or elevated privileges beyond workflow permissions are required, making exploitation straightforward for authorized users.
AI-Powered Analysis
Technical Analysis
CVE-2026-27495 is a critical vulnerability classified under CWE-94 (Improper Control of Generation of Code) affecting the n8n open source workflow automation platform. The flaw exists in the JavaScript Task Runner sandbox implementation used by n8n to execute user-defined code within workflows. Prior to patched versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permissions to create or modify workflows can craft malicious JavaScript code that escapes the sandbox boundary, enabling arbitrary code execution on the host system. In the default configuration where internal Task Runners are used (enabled by default), this vulnerability allows full compromise of the n8n host, including potential access to underlying operating system resources and data. When external Task Runners are configured (enabled via N8N_RUNNERS_ENABLED=true and N8N_RUNNERS_MODE=external), exploitation may still allow access to or interference with other tasks running on the external runner, but the host system is better isolated. The vulnerability requires no additional user interaction beyond authentication and workflow permissions, making it highly exploitable by insiders or compromised accounts. The issue was publicly disclosed on February 25, 2026, with a CVSS 4.0 score of 9.4, indicating critical severity due to network attack vector, low complexity, no privileges required beyond workflow editing, and high impact on confidentiality, integrity, and availability. No known exploits in the wild have been reported yet. The recommended remediation is to upgrade to the fixed versions. If immediate upgrade is not feasible, administrators should restrict workflow creation and editing permissions to fully trusted users and consider switching to external runner mode to reduce the attack surface. These mitigations reduce but do not eliminate risk. The vulnerability highlights the dangers of executing user-supplied code in automation platforms without robust sandboxing and access controls.
Potential Impact
The impact of CVE-2026-27495 is severe for organizations using n8n, especially those running internal Task Runners. Exploitation can lead to full host compromise, allowing attackers to execute arbitrary code with the privileges of the n8n process, potentially leading to data theft, service disruption, lateral movement within the network, and deployment of further malware. For instances using external Task Runners, the attacker may disrupt or manipulate other running tasks, impacting workflow integrity and availability. Since the vulnerability requires only authenticated access with workflow editing permissions, insider threats or compromised user accounts pose a significant risk. Organizations with multiple users authorized to create or modify workflows are particularly vulnerable. The breach of confidentiality, integrity, and availability can affect business-critical automation processes, leading to operational downtime and reputational damage. The vulnerability's critical CVSS score reflects its potential to cause widespread harm if exploited. Given n8n's growing adoption in enterprise automation, the threat has global relevance, especially in sectors relying heavily on automated workflows such as finance, healthcare, and technology.
Mitigation Recommendations
To mitigate CVE-2026-27495, organizations should prioritize upgrading n8n to versions 2.10.1, 2.9.3, 1.123.22, or later, which contain the patch fixing the sandbox escape vulnerability. Until upgrades can be applied, administrators should enforce strict access controls by limiting workflow creation and modification permissions exclusively to fully trusted and vetted users to reduce the risk of malicious code injection. Additionally, configuring n8n to use external Task Runner mode (by setting N8N_RUNNERS_ENABLED=true and N8N_RUNNERS_MODE=external) can isolate task execution environments and limit the blast radius of any potential exploitation. Regularly auditing user permissions and monitoring workflow changes for suspicious activity can help detect attempts to exploit this vulnerability. Implementing network segmentation and host-based intrusion detection on n8n servers can further reduce risk. Finally, organizations should maintain up-to-date backups of workflows and system configurations to enable rapid recovery in case of compromise. These combined measures provide a layered defense beyond generic advice, addressing both prevention and detection.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-02-19T19:46:03.542Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 699f7718b7ef31ef0b6119ea
Added to database: 2/25/2026, 10:26:32 PM
Last enriched: 2/25/2026, 10:40:48 PM
Last updated: 2/26/2026, 4:35:53 AM
Views: 18
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2026-2506: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in motahar1 EM Cost Calculator
MediumCVE-2026-2499: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in tgrk Custom Logo
MediumCVE-2026-2498: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in bulktheme WP Social Meta
MediumCVE-2026-2489: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in readymadeweb TP2WP Importer
MediumCVE-2026-2029: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in livemesh Livemesh Addons for Beaver Builder
MediumActions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console in Console -> Billing for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.