× EU ICT Risk Newsroom DORA News On the Horizon ΑΙ Cybersec Space Cyber Alerts GDPR News EU CERT Advisories ICT Governance ESA/NCAs Contact
Switch to Greek 🔍

Critical n8n Flaw Allows System Command Execution via Malicious Workflows

Newsroom - 05 February 2026 - 08:16

A new, critical security vulnerability has been disclosed in the n8n workflow automation platform. If successfully exploited, this flaw could result in the execution of arbitrary system commands. The flaw, tracked as CVE-2026-25049 (CVSS score: 9.4), stems from inadequate sanitization. It bypasses safeguards implemented to address CVE-2025-68613 (CVSS score: 9.9), another critical defect.

Critical n8n Flaw Allows System Command Execution via Malicious Workflows
A new, critical security vulnerability has been disclosed in the n8n workflow automation platform. If successfully exploited, this flaw could result in the execution of arbitrary system commands. The flaw, tracked as CVE-2026-25049 (CVSS score: 9.4), stems from inadequate sanitization. It bypasses safeguards implemented to address CVE-2025-68613 (CVSS score: 9.9), another critical defect.
n8n vulnerability command execution CVE-2026-25049

Subscribe for EU DORA and Banking ICT Risk news and insights