- CVE-2025-68668 in n8n's Python Code Node allows arbitrary system command execution on the host running n8n
- Attackers with permission to create or edit workflows can break out of the Pyodide sandbox, opening the door to malware, data theft, and full system compromise
- Fixed in n8n v1.111.0 via an opt-in task-runner Python sandbox, which became the default in v2.0.0
A critical-severity vulnerability has been disclosed in n8n that allows threat actors with a workflow-editing account to run arbitrary code on the underlying system.
n8n is an open source workflow automation platform that lets users connect apps, APIs and services to automate tasks without heavy coding. It allows users to build visual workflows that move data between tools, trigger actions, and run custom logic.
In a security advisory published on GitHub, the project confirmed a sandbox bypass vulnerability in the Python Code Node, which uses Pyodide, a Python runtime for the browser and other JavaScript environments.
Severity score of 9.9/10
The flaw allows authenticated users with permission to create or modify workflows to execute arbitrary commands on the host system running n8n, with the same privileges as the n8n process.
It is tracked as CVE-2025-68668 and received a severity score of 9.9/10 (Critical).
In theory, an attacker with a valid account and permissions to edit workflows could embed specially crafted Python code in a workflow’s Python code node, break out of Pyodide, and invoke system-level commands. When arbitrary commands can be run on the host, attackers can deploy malware or backdoors, steal sensitive data, move laterally through the network, alter and disrupt workflows, and completely compromise the underlying system.
The vulnerability was fixed in n8n version 1.111.0 with the addition of a task-runner-based native Python implementation that provides “a more secure isolation model.” The implementation was introduced as an optional feature that users can enable by configuring the N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER environment variables.
This implementation became the default starting with n8n version 2.0.0, the advisory notes.
Those unable to upgrade can apply one of the workarounds listed in the advisory: disabling the Code Node, disabling Python support in the Code Node, or configuring n8n to use the task-runner-based Python sandbox.
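The two fixed-version boundaries and the two environment variables above are enough to triage a fleet of n8n instances. The following shell helper is an added example, not code from the article or from the n8n project: it classifies a deployment from its version string and its environment as covered by default (v2.0.0 or later), covered by opt-in (v1.111.0 or later with both runner variables enabled), or still on the Pyodide sandbox and in need of an upgrade or workaround. The three status labels are this example's own, the environment is assumed to be available as newline-separated KEY=VALUE text (the shape of `env` output or a .env file), and the assumption that both variables are enabled with the literal value `true` should be confirmed against your n8n release notes. The sample environments at the bottom are constructed for the stand-alone run.

```shell
#!/bin/sh
# Added example, not code from the article or the n8n project.
# Classifies an n8n deployment against CVE-2025-68668 using the article's
# version boundaries:
#   >= 2.0.0               task-runner Python sandbox is the default
#   >= 1.111.0 (opt-in)    covered only if both runner variables are enabled
#   anything else          still on the Pyodide sandbox; upgrade or apply a workaround
# Assumption: the variables are enabled with the literal value "true".

# Normalise a version like "v1.111.0-rc.2" to "1.111.0".
strip_version() {
  printf '%s' "$1" | sed 's/^[vV]//; s/-.*$//; s/[^0-9.]//g'
}

# version_ge A B: exit 0 when dotted version A >= B (up to three components).
version_ge() {
  a=$(strip_version "$1")
  b=$(strip_version "$2")
  i=1
  while [ "$i" -le 3 ]; do
    x=$(printf '%s' "$a" | cut -d. -f"$i")
    y=$(printf '%s' "$b" | cut -d. -f"$i")
    x=${x:-0}
    y=${y:-0}
    [ "$x" -gt "$y" ] && return 0
    [ "$x" -lt "$y" ] && return 1
    i=$((i + 1))
  done
  return 0
}

# env_value NAME ENV_TEXT: print the last value assigned to NAME in
# newline-separated KEY=VALUE text (the shape of `env` output or a .env file).
env_value() {
  printf '%s\n' "$2" | sed -n "s/^$1=//p" | tail -n 1
}

# n8n_cve_2025_68668_status VERSION ENV_TEXT: prints DEFAULT_SECURE,
# OPT_IN_SECURE or NEEDS_ACTION. Always exits 0 so it composes under set -e.
n8n_cve_2025_68668_status() {
  ver=$1
  envs=$2
  if version_ge "$ver" 2.0.0; then
    echo DEFAULT_SECURE
    return 0
  fi
  runners=$(env_value N8N_RUNNERS_ENABLED "$envs")
  native=$(env_value N8N_NATIVE_PYTHON_RUNNER "$envs")
  if version_ge "$ver" 1.111.0 && [ "$runners" = true ] && [ "$native" = true ]; then
    echo OPT_IN_SECURE
    return 0
  fi
  echo NEEDS_ACTION
  return 0
}

# Constructed sample environments for a stand-alone run.
SAMPLE_SECURE='N8N_RUNNERS_ENABLED=true
N8N_NATIVE_PYTHON_RUNNER=true'
SAMPLE_WEAK='N8N_RUNNERS_ENABLED=true'

n8n_cve_2025_68668_status 1.110.1 ""               # NEEDS_ACTION: pre-fix release
n8n_cve_2025_68668_status 1.111.0 "$SAMPLE_WEAK"   # NEEDS_ACTION: native runner not enabled
n8n_cve_2025_68668_status 1.111.0 "$SAMPLE_SECURE" # OPT_IN_SECURE
n8n_cve_2025_68668_status 2.0.0 ""                 # DEFAULT_SECURE
```

In practice you would feed the version the n8n instance reports and the output of `env` from the container or service unit into `n8n_cve_2025_68668_status`. Note that a 1.111.x instance with only `N8N_RUNNERS_ENABLED=true` is still classified as needing action: the task runner alone does not switch the Code Node off Pyodide, so both variables have to be set on the opt-in path.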
Via Cyber news