CVE-2026-33660: CWE-94: Improper Control of Generation of Code ('Code Injection') in n8n-io n8n
n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.26, an authenticated user with permission to create or modify workflows could use the Merge node's "Combine by SQL" mode to read local files on the n8n host and achieve remote code execution. The AlaSQL sandbox did not sufficiently restrict certain SQL statements, allowing an attacker to access sensitive files on the server or even compromise the instance. The issue has been fixed in n8n versions 2.14.1, 2.13.3, and 1.123.26. Users should upgrade to one of these versions or later to remediate the vulnerability. If upgrading is not immediately possible, administrators should consider the following temporary mitigations: Limit workflow creation and editing permissions to fully trusted users only, and/or disable the Merge node by adding `n8n-nodes-base.merge` to the `NODES_EXCLUDE` environment variable. These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.
AI Analysis
Technical Summary
CVE-2026-33660 is a critical vulnerability classified under CWE-94 (Improper Control of Generation of Code) affecting the n8n open source workflow automation platform. The flaw exists in the Merge node's 'Combine by SQL' mode, which leverages the AlaSQL engine to process SQL queries within workflows. Prior to fixed versions 2.14.1, 2.13.3, and 1.123.26, the AlaSQL sandbox did not adequately restrict certain SQL statements, allowing an authenticated user with permissions to create or modify workflows to execute arbitrary SQL commands that can read local files on the n8n host. This capability can be escalated to remote code execution (RCE), enabling attackers to run arbitrary code on the server hosting n8n. The vulnerability requires only low privileges (authenticated user with workflow modification rights) and no additional user interaction, making it highly exploitable in environments where such permissions are granted. The vulnerability affects multiple version ranges: all versions below 1.123.27, versions from 2.0.0-rc.0 up to but not including 2.13.3, and version 2.14.0. The root cause is insufficient sandboxing of the AlaSQL engine, which allowed bypassing security controls intended to prevent malicious SQL execution. The vendor has addressed the issue by improving sandbox restrictions and patching the affected versions. Temporary mitigations include limiting workflow creation and editing permissions to fully trusted users and disabling the Merge node via environment variable configuration, but these are not complete fixes. The CVSS 4.0 base score is 9.4, reflecting critical severity with network attack vector, low attack complexity, no privileges required beyond workflow editing, no user interaction, and high impact on confidentiality, integrity, and availability.
Potential Impact
The impact of CVE-2026-33660 is severe for organizations using the n8n platform, especially those exposing it to multiple users or integrating it into critical workflows. Exploitation can lead to unauthorized disclosure of sensitive files on the host system, including configuration files, credentials, or other sensitive data. More critically, attackers can achieve remote code execution, potentially gaining full control over the n8n server and pivoting to other internal systems. This can result in data breaches, disruption of automated business processes, deployment of malware or ransomware, and loss of service availability. Since n8n is often used to automate workflows that connect various enterprise systems and cloud services, compromise of n8n can cascade into broader organizational impact. The vulnerability’s ease of exploitation by any authenticated user with workflow modification rights increases risk in multi-tenant or collaborative environments. Organizations that do not promptly patch or mitigate this vulnerability face a high risk of compromise, data loss, and operational disruption.
Mitigation Recommendations
To mitigate CVE-2026-33660, organizations should immediately upgrade n8n to versions 2.14.1, 2.13.3, 1.123.26, or later, where the vulnerability is fully patched. Until upgrades can be applied, restrict workflow creation and editing permissions strictly to fully trusted and vetted users to reduce the attack surface. Additionally, disable the Merge node by adding 'n8n-nodes-base.merge' to the 'NODES_EXCLUDE' environment variable to prevent use of the vulnerable functionality. Monitor workflow changes and audit user activities related to workflow creation and modification to detect suspicious behavior. Employ network segmentation and access controls to limit exposure of the n8n server to only necessary users and systems. Regularly review and update access policies for the platform. Consider implementing runtime application self-protection (RASP) or host-based intrusion detection to detect anomalous execution patterns. Finally, maintain up-to-date backups and incident response plans to recover quickly if exploitation occurs.
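A defender-side check for the two recommendations above, added here as an example rather than code from n8n or from this advisory: it classifies a deployment's version against the affected ranges as the Technical Summary states them, and tests whether `NODES_EXCLUDE` already disables the Merge node. The version string format and the JSON-array form of `NODES_EXCLUDE` are assumptions; the sample deployments are constructed.

```python
import json
import re

# Added example, not n8n project code. Affected ranges are copied from the
# advisory's Technical Summary: <1.123.27, 2.0.0-rc.0 up to (not incl.) 2.13.3, 2.14.0.
AFFECTED_RANGES = [("0.0.0", "1.123.27"), ("2.0.0-rc.0", "2.13.3"), ("2.14.0", "2.14.1")]
MERGE_NODE = "n8n-nodes-base.merge"   # node type named in the workaround

def version_key(v: str):
    """Sortable key for 'MAJOR.MINOR.PATCH[-PRERELEASE]' (format is an assumption)."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?", v.strip())
    if not m:
        raise ValueError(f"unrecognised n8n version: {v!r}")
    major, minor, patch = (int(x) for x in m.group(1, 2, 3))
    pre = m.group(4)
    # SemVer rule: a pre-release sorts before its release, so 2.13.3-rc.0 < 2.13.3
    # and is therefore still inside the affected range.
    return (major, minor, patch, 0 if pre else 1, pre or "")

def is_affected(version: str) -> bool:
    key = version_key(version)
    return any(version_key(lo) <= key < version_key(hi) for lo, hi in AFFECTED_RANGES)

def merge_node_excluded(env: dict) -> bool:
    """True if NODES_EXCLUDE already lists the Merge node.
    n8n documents the value as a JSON array string; a bare comma-separated
    list is also accepted here as a lenient fallback (assumption)."""
    raw = env.get("NODES_EXCLUDE", "").strip()
    if not raw:
        return False
    try:
        names = json.loads(raw)
    except ValueError:
        names = [n.strip().strip("\"'") for n in raw.split(",")]
    if isinstance(names, str):
        names = [names]
    return isinstance(names, list) and MERGE_NODE in names

def assess(version: str, env: dict) -> str:
    """'patched', 'affected-mitigated' (workaround in place) or 'affected-exposed'."""
    if not is_affected(version):
        return "patched"
    return "affected-mitigated" if merge_node_excluded(env) else "affected-exposed"

if __name__ == "__main__":
    # Constructed sample deployments, not data from any real host.
    samples = [
        ("2.14.0", {}),
        ("2.13.2", {"NODES_EXCLUDE": '["n8n-nodes-base.merge"]'}),
        ("2.13.3-rc.0", {}),
        ("1.123.27", {}),
    ]
    for ver, env in samples:
        print(f"{ver:>12}: {assess(ver, env)}")
```

Note that "affected-mitigated" only means the workaround is present; the advisory is explicit that the exclusion is a short-term measure and upgrading remains the fix.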
Affected Countries
United States, Germany, United Kingdom, Canada, Australia, France, Netherlands, Japan, South Korea, India
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-03-23T15:23:42.219Z
- Cvss Version: 4.0
- State: PUBLISHED
Threat ID: 69c41f52f4197a8e3b733a31
Added to database: 3/25/2026, 5:45:54 PM
Last enriched: 3/25/2026, 6:01:33 PM
Last updated: 3/26/2026, 6:20:53 AM