New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands
A new critical security vulnerability has been disclosed in n8n, an open-source workflow automation platform, that could enable an authenticated attacker to execute arbitrary system commands on the underlying host. The vulnerability, tracked as CVE-2025-68668, is rated 9.9 on the CVSS scoring system. It has been described as a case of a protection mechanism failure. Cyera Research Labs' Vladimir
AI Analysis
Technical Summary
The disclosed vulnerability CVE-2025-68668 in n8n, an open-source workflow automation platform, is a critical security flaw rated 9.9 on the CVSS scale. It allows an authenticated user with permissions to create or modify workflows to execute arbitrary operating system commands on the host running n8n. The root cause is a sandbox bypass in the Python Code Node, which uses Pyodide to run Python code within workflows. This bypass allows attackers to escape the intended code execution restrictions and run commands with the same privileges as the n8n process, potentially leading to full system compromise. The vulnerability affects all n8n versions from 1.0.0 up to but not including 2.0.0. Starting from version 1.111.0, n8n introduced an optional task runner-based native Python implementation designed to improve security isolation, which became the default in version 2.0.0, effectively mitigating this issue. Until upgrading, n8n recommends disabling the vulnerable Code Node entirely, disabling Python support in the Code Node, or enabling the task runner-based Python sandbox via environment variables (N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER). No known exploits are currently reported in the wild, but the high severity and ease of exploitation for authenticated users make this a critical threat. This vulnerability follows a similar recent critical flaw (CVE-2025-68613) in n8n, highlighting the importance of timely patching and secure configuration.
Potential Impact
For European organizations, this vulnerability poses a significant risk, especially those relying on n8n for automating business-critical workflows. Successful exploitation can lead to arbitrary command execution on the host system, enabling attackers to access sensitive data, disrupt operations, or pivot to other internal systems. Given that n8n is often deployed in cloud or on-premises environments with access to internal networks and data stores, the impact could extend beyond the compromised host. Confidentiality is at high risk due to potential data exfiltration, integrity can be compromised by unauthorized changes to workflows or system files, and availability may be affected by destructive commands or ransomware deployment. Organizations in sectors such as finance, healthcare, manufacturing, and public administration that use n8n for automation are particularly vulnerable. The requirement for authentication limits exposure to some extent, but weak authentication controls or compromised credentials could facilitate exploitation. The lack of known active exploits provides a window for mitigation, but the critical severity demands urgent action to prevent potential breaches.
Mitigation Recommendations
European organizations should immediately upgrade n8n installations to version 2.0.0 or later, where the vulnerability is addressed by default. If immediate upgrading is not feasible, apply one of the recommended workarounds: disable the vulnerable Code Node by setting the environment variable NODES_EXCLUDE to exclude "n8n-nodes-base.code"; disable Python support in the Code Node by setting N8N_PYTHON_ENABLED=false; or, on version 1.111.0 or later, enable the task runner-based Python sandbox by configuring the N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER environment variables. Additionally, enforce strong authentication mechanisms, including multi-factor authentication, to reduce the risk of unauthorized access. Limit workflow creation and modification permissions strictly to trusted users. Monitor logs for unusual workflow changes or command execution attempts. Network segmentation and host-based intrusion detection can help detect and contain potential exploitation. Regularly audit and update all n8n components and dependencies. Finally, maintain an incident response plan specific to automation platform compromises.
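To make the upgrade-or-workaround decision above checkable on a concrete deployment, here is an added shell example (not from the article, n8n or Cyera) that classifies an instance from its version and the four environment variables the advisory names. It assumes numeric dotted version strings and that NODES_EXCLUDE contains the node name as a substring (n8n's documented format is a JSON array string).

```shell
#!/bin/sh
# Added example, not from the article or from n8n: classify an n8n instance's
# exposure to CVE-2025-68668 from its version and the mitigation variables the
# advisory names. Assumes numeric dotted versions (a "-suffix" is ignored) and
# that NODES_EXCLUDE contains the node name (n8n uses a JSON array string).

# ver_lt A B: exit 0 when dotted version A is strictly lower than B.
ver_lt() {
  a="${1%%-*}" b="${2%%-*}"
  while [ -n "$a$b" ]; do
    ap="${a%%.*}" bp="${b%%.*}"
    [ "${ap:-0}" -lt "${bp:-0}" ] && return 0
    [ "${ap:-0}" -gt "${bp:-0}" ] && return 1
    case "$a" in *.*) a="${a#*.}" ;; *) a="" ;; esac
    case "$b" in *.*) b="${b#*.}" ;; *) b="" ;; esac
  done
  return 1
}

# n8n_68668_status VERSION NODES_EXCLUDE N8N_PYTHON_ENABLED N8N_RUNNERS_ENABLED N8N_NATIVE_PYTHON_RUNNER
# Prints "patched", "mitigated:<how>" or "VULNERABLE"; exit status 1 only for VULNERABLE.
n8n_68668_status() {
  v="$1" excl="$2" py="$3" runners="$4" native="$5"
  # Fixed by default from 2.0.0; the stated affected range is 1.0.0 <= v < 2.0.0.
  if ! ver_lt "$v" 2.0.0; then echo patched; return 0; fi
  if ver_lt "$v" 1.0.0; then echo not-in-stated-range; return 0; fi
  # Workaround 1: the Code Node is excluded entirely.
  case "$excl" in *n8n-nodes-base.code*) echo mitigated:code-node-excluded; return 0 ;; esac
  # Workaround 2: Python support in the Code Node is switched off.
  if [ "$py" = false ]; then echo mitigated:python-disabled; return 0; fi
  # Workaround 3: the task-runner-based native Python sandbox, which only exists
  # from 1.111.0; setting the two variables on an older build changes nothing.
  if [ "$runners" = true ] && [ "$native" = true ] && ! ver_lt "$v" 1.111.0; then
    echo mitigated:native-python-runner; return 0
  fi
  echo VULNERABLE
  return 1
}

# Evaluate the live process environment; the running n8n version is passed in.
check_current_env() {
  n8n_68668_status "$1" "${NODES_EXCLUDE:-}" "${N8N_PYTHON_ENABLED:-}" \
    "${N8N_RUNNERS_ENABLED:-}" "${N8N_NATIVE_PYTHON_RUNNER:-}"
}
```

Run it from the same environment the n8n process uses (for example the container's env) so the variables it reads are the ones n8n actually sees.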
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Italy, Spain, Poland, Belgium, Denmark
Technical Details
- Article source: https://thehackernews.com/2026/01/new-n8n-vulnerability-99-cvss-lets.html (fetched 2026-01-06T05:21:57Z, 857 words)
Threat ID: 695c9bf53839e44175edad18
Added to database: 1/6/2026, 5:21:57 AM
Last enriched: 1/6/2026, 5:22:23 AM
Last updated: 1/8/2026, 3:28:41 AM