CVE-2026-25052: Low-Privilege n8n Users Can Read Host Files and Take Over Entire Instances — Critical Patch Released

Overview

A critical security vulnerability has been identified in n8n, an open-source workflow automation platform. The issue exists due to insufficient file access control enforcement within workflow execution logic. In affected versions, authenticated users with permissions to create or modify workflows are able to read arbitrary files from the underlying host system.

This weakness allows exposure of highly sensitive configuration data, secrets, and credentials stored on the server. If exploited, it can lead to complete compromise of the n8n instance, including full administrative account takeover.


CVE Details

  • CVE ID: CVE-2026-25052
  • Severity: Critical
  • CVSS v3.1 Score: 9.8 (Critical)
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low (authenticated user with workflow edit permissions)
  • User Interaction: None
  • Scope: Changed
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
  • Exploitability: High
  • Public Exploit Availability: No official public exploit released; exploitation logic is trivial and reproducible

Affected Versions

  • All n8n versions prior to 1.123.18
  • All n8n versions prior to 2.5.0

Root Cause Analysis

The vulnerability is caused by improper validation and restriction of file paths used during workflow execution. Certain workflow nodes internally allow file handling or indirect file references. Due to missing boundary checks, file paths supplied through workflow configuration are not adequately restricted to safe directories.

As a result, workflows are able to:

  • Escape intended directories
  • Reference absolute system paths
  • Access files unrelated to workflow execution

This violates the expected trust boundary between workflow users and the host operating system.


How the Vulnerability Can Be Exploited

Pre-conditions

  • A valid n8n user account is required
  • The user must have permission to create or edit workflows (common in shared environments)
  • The instance must be running a vulnerable version

Exploitation Process (High-level)

  1. A workflow is created or modified by the attacker.
  2. A node capable of interacting with files or handling paths is configured.
  3. A crafted file path is supplied, pointing outside allowed directories.
  4. The workflow is executed.
  5. The contents of the targeted file are returned in execution output or logs.

Files Commonly Targeted

  • Environment files (.env)
  • Application configuration files
  • Credential storage files
  • Encryption keys and tokens
  • Container or orchestration secrets
  • Service account credentials
  • Session or JWT signing secrets

Once obtained, these files enable:

  • Forged authentication tokens
  • Database access
  • Impersonation of any user
  • Persistent access to the platform

Proof of Concept (Educational)

No official proof-of-concept exploit has been publicly released. However, exploitation does not require advanced techniques.

Example Payload Patterns

These payloads illustrate common path manipulation patterns observed during testing:

../../../../etc/passwd
/home/node/.n8n/.env
/proc/self/environ
/var/run/secrets/kubernetes.io/serviceaccount/token

These examples are provided strictly for defensive awareness and detection validation.


Impact Assessment

If successfully exploited, the following impacts are expected:

  • Full disclosure of sensitive configuration data
  • Theft of stored credentials for third-party services
  • Complete account takeover, including administrators
  • Ability to modify or delete workflows
  • Potential lateral movement into connected infrastructure

In practice, a low-privileged workflow editor can become a full system administrator.


MITRE ATT&CK Mapping

  • TA0001 – Initial Access
  • TA0004 – Privilege Escalation
  • TA0006 – Credential Access
  • TA0009 – Collection
  • TA0003 – Persistence

Associated Techniques

  • T1083 – File and Directory Discovery
  • T1552 – Unsecured Credentials
  • T1078 – Valid Accounts

Detection Strategy

What Should Be Monitored

  • Workflow creation and modification events
  • Workflow execution logs and outputs
  • File access patterns during workflow execution
  • Authentication and session creation events
  • Host or container file access logs

Detection Rules

Rule 1 – Suspicious File Path Usage in Workflows

Detect workflow executions referencing sensitive paths.

Example (generic log query):

SELECT *
FROM application_logs
WHERE message LIKE '%../%'
   OR message LIKE '%/etc/%'
   OR message LIKE '%/proc/%'
   OR message LIKE '%/var/run/%'
   OR message LIKE '%.env%'

Rule 2 – Non-Admin File Access via Workflows

Detect file-accessing workflows executed by non-administrative users.

SELECT user, workflow_id, execution_time
FROM workflow_execution_logs
WHERE file_access = true
  AND user_role != 'admin'

Rule 3 – Abnormal Workflow Output Size

Sensitive file dumps often result in unusually large outputs.

SELECT workflow_id, output_size
FROM workflow_execution_logs
WHERE output_size > 500000

Rule 4 – Sudden Privilege Escalation

Detect administrative access shortly after workflow edits.

SELECT *
FROM auth_logs
WHERE user_role = 'admin'
  AND timestamp > (
      SELECT MAX(modified_at)
      FROM workflows
      WHERE modified_by = auth_logs.user
  )

Log Sources Required

To effectively detect exploitation attempts, the following log sources should be enabled and retained:

  • n8n application logs
  • Workflow execution logs
  • Authentication and session logs
  • Host OS file access logs
  • Container runtime or orchestration logs

Remediation and Patch Information

This vulnerability has been fully patched by enforcing strict file access boundaries during workflow execution.

Immediate Action Required

Upgrade n8n to one of the following versions or later:

  • n8n 1.123.18
  • n8n 2.5.0

Official Patch / Upgrade Links


Post-Patch Security Recommendations

  • Rotate all secrets stored on the instance
  • Review workflows created or modified before patching
  • Restrict workflow creation to trusted users
  • Run n8n with least-privilege filesystem permissions
  • Avoid mounting sensitive host directories into containers
  • Implement continuous monitoring for workflow behavior

Final Takeaway

CVE-2026-25052 represents a high-risk privilege escalation and data exposure vulnerability. Due to its low exploitation barrier and high impact, unpatched systems should be considered compromised until proven otherwise.

Immediate patching, credential rotation, and enhanced monitoring are strongly recommended.


Aegiron
