Critical Patch Bypass Exposes n8n Users to Remote Code Execution Again — Emergency Updates Released

Aegiron 6 mins0

Overview

n8n, the widely used open-source workflow automation platform, released emergency security updates today after researchers uncovered new critical vulnerabilities that bypassed earlier fixes for CVE-2025-68613.

The newly addressed issue, tracked as CVE-2026-25049, allowed attackers to regain remote code execution (RCE) capabilities even on systems that administrators believed were fully patched. Security experts warn that public proof-of-concept (PoC) exploit code has already surfaced, significantly increasing the risk of active exploitation.

Background: The Original RCE

The initial vulnerability, CVE-2025-68613, disclosed in late 2025, exposed a serious flaw in how n8n handled dynamic expression evaluation inside workflows.

n8n allows users to create automated workflows using embedded JavaScript expressions. Researchers discovered that crafted expressions could escape sandbox controls and execute arbitrary system commands on the host machine.

Attackers with workflow editing privileges could:

  • Execute operating system commands
  • Access stored credentials and API tokens
  • Move laterally across internal infrastructure
  • Fully compromise affected servers

Following disclosure, n8n released patches intended to sanitize and restrict expression execution.

What Changed: Patch Bypass Identified

Security researchers later determined that the original remediation did not fully close the attack surface. The new flaw (CVE-2026-25049) exploited gaps in how expression handling logic enforced restrictions across different execution contexts.

The bypass enabled attackers to:

  • Inject malicious expressions through alternate execution paths
  • Trigger command execution via improperly secured workflows
  • Abuse publicly exposed webhooks in certain configurations

Because the bypass targeted behavior rather than a single vulnerable function, previously updated systems remained exposed unless upgraded again.

Impact and Risk

The vulnerabilities affect:

  • Self-hosted Docker deployments
  • Cloud-hosted virtual machine installations
  • On-premises enterprise environments

Instances with publicly accessible webhooks or loosely managed workflow permissions face elevated risk.

Security analysts note that automation platforms often hold API keys, database credentials, and cloud tokens. Successful exploitation can therefore lead to broader infrastructure compromise.

With public exploit code now available, threat actors may attempt automated scanning and exploitation of exposed instances.

Vendor Response

n8n GmbH addressed the issue in newly released versions of the platform. The company urges all administrators to upgrade immediately.

Official Upgrade Guidance

Users should update to:

  • Version 1.123.17 or later
  • Version 2.5.2 or later

Official update instructions are available at:

https://docs.n8n.io/hosting/installation/updating

Detection and Monitoring Guidance

Security teams should review logs and endpoint telemetry for suspicious activity.

Indicators to Monitor

  • Unexpected workflow modifications
  • Expressions containing child_process, exec(, or require(
  • Unknown webhook triggers
  • Unusual outbound network connections from the n8n server

Detection Queries

Suspicious Child Processes Spawned by Node:

process where 
  parent.process.name == "node" and
  process.name in ("bash","sh","curl","wget","nc","python","perl")

Potential Reverse Shell Traffic:

network where 
  process.name == "node" and 
  destination.port in (4444, 1337, 9001)

Log-Based Expression Injection Detection:

message:("*child_process*" OR "*exec(*" OR "*process.mainModule*" OR "*require(*")

Organizations should also review recent workflow creation and modification activity.

Hardening Recommendations

Beyond patching, security teams should:

  • Restrict workflow creation and editing permissions
  • Disable or protect public webhooks
  • Run n8n under a least-privileged service account
  • Place the service behind an authenticated reverse proxy
  • Monitor outbound connections from the host

Broader Security Implications

The incident highlights the risks associated with dynamic code evaluation inside automation platforms. Tools like n8n integrate deeply into enterprise environments and often store high-value credentials. A single RCE vulnerability can therefore cascade into large-scale compromise.

Security professionals recommend that organizations treat workflow automation tools as high-sensitivity infrastructure and include them in routine vulnerability scanning and threat hunting operations.

Final Takeaway

The newly disclosed patch bypass demonstrates that earlier fixes for CVE-2025-68613 were incomplete. Administrators who installed only the original update remain at risk until they apply the latest versions.

With exploit code publicly available and internet-exposed instances detectable through scanning, immediate patching and log review are strongly advised.

Aegiron

Backed by 11+ years in cybersecurity and incident response, we decode the latest threats shaping today’s digital battlefield. This blog cuts through the noise with clear insights on vulnerabilities, emerging exploits, and the cyber news defenders can’t afford to miss.