n8n Workflow Vulnerability Bypassed in Days: How to Secure Your Automation (CVE-2026-25049)
A security flaw in n8n’s workflow engine let attackers execute code by masquerading as routine data transformations—no admin rights required.
Pillar discovered a remote code execution vulnerability in n8n workflows by exploiting unsanitized JavaScript expressions.
The attack leveraged the platform’s ability to process user-defined expressions for data manipulation, which attackers repurposed to inject malicious code. As Pillar explains:
"The entire attack fits inside what looks like a data transformation. No special permissions required. No admin access – just a user who can edit workflows."
The initial patch—intended to block template literals—was bypassed within days. The flaw stemmed from incomplete abstract syntax tree (AST) analysis during input sanitization.
The sanitizer made assumptions about JavaScript syntax, failing to detect equivalent malicious expressions disguised as legitimate function arguments. This allowed attackers to repackage the same exploit in a different syntactic form, bypassing the original mitigation.
n8n released a full fix in version 2.4.0, which addresses the AST analysis gap. To verify your instance is patched, IT admins should navigate to the app settings and confirm the version number matches v2.4.0 or higher.
For open-source users, the update is available via GitHub, while enterprise customers can apply the fix through their support channels.
