- CVE-2025-68668 in n8n’s Python Code Node enables arbitrary system command execution
- Attackers with workflow permissions can bypass Pyodide sandbox, risking malware, data theft, and system compromise
- Fixed in n8n v1.111.0; v2.0.0 defaults to secure task-runner Python isolation
A critical-severity vulnerability was recently found in n8n, allowing threat actors to run arbitrary code on the underlying system.
n8n is an open-source workflow automation platform that lets users connect apps, APIs, and services to automate tasks without heavy coding. It allows users to to build visual workflows that move data between tools, trigger actions, and run custom logic.
In a security advisory posted on GitHub, it was confirmed that a sandbox bypass vulnerability existed in the Python Code Node that uses Pyodide, a Python runtime for the browser and other JavaScript environments.
Severity of 9.9/10
The flaw allows unauthenticated users with permission to create or modify the workflows to execute arbitrary commands on the host system running n8n, using the same privileges as the n8n process.
It is tracked as CVE-2025-68668, and was given a severity score of 9.9/10 (critical).
In theory, an attacker with a valid account and workflow editing permissions could embed specially crafted Python code into a workflow’s Python Code Node, breaking out of Pyodide and invoking system-level commands. Once arbitrary commands can be run on the host, attackers can deploy malware or backdoors, steal sensitive data, move laterally throughout the network, modify and disrupt workflows, and completely compromise the underlying system.
The vulnerability was fixed in n8n version 1.111.0, with the addition of a task-runner-based native Python implementation that provides “a more secure isolation model.” The implementation was introduced as an optional feature which the users can enable by configuring the N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER environment variables.
This implementation became the default starting with n8n version 2.0.0, it was said in the advisory.
Those that cannot upgrade to the newest version can use some of the available workarounds, including disabling the Code Node, disabling Python support in the Code Node, or configuring n8n to use the task runner based Python sandbox.
Via Cybernews
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
