A serious security flaw has been discovered in n8n, an open-source workflow automation platform. This vulnerability, assigned CVE-2025-68668, has a critical severity score of 9.9 on the CVSS. Unauthenticated users can run arbitrary system commands on the underlying host. Even though this capability allows for powerful automation, its inclusion poses grave risks to the security of n8n deployments.
The vulnerability affects the Python Code Node feature, which is affected by a sandbox bypass vulnerability. Originally introduced in version 1.111.0, the new task runner-based native Python implementation aimed to address security isolation in n8n workflows. This glaring loophole defeats that purpose and leaves systems vulnerable to exploitation.
Details of the Vulnerability
CVE-2025-68668 is a vulnerability that an authenticated attacker could exploit to execute arbitrary commands on the host system where n8n is running. The Python Code Node, which uses Pyodide behind the scenes, is especially vulnerable to this security vulnerability.
“An authenticated user with permission to create or modify workflows can exploit this vulnerability to execute arbitrary commands on the host system running n8n, using the same privileges as the n8n process.” – GitHub advisory
The impact of this weakness is critical, since it allows an attacker to obtain complete access to the host system. Organizations utilizing n8n should understand the dangers associated with this vulnerability. They must take immediate action to mitigate its effects.
Impact on Users and Systems
This means any user of n8n who has permission to create or edit workflows, whether an admin or not, is vulnerable. If they are, attackers could use their access to run malicious commands on the host that the container runs on. This vulnerability puts average users at great risk. More importantly, it presents a broader risk to the systems leveraging n8n for workflow automation and orchestration.
n8n is particularly popular, with public sector organizations, small businesses to large enterprises and everything in between using the free and open source automation tool. Second, because widespread exploitation seems inevitable. We strongly recommend that organizations evaluate their n8n installations and use best-practice precautions to protect them from unauthorized access.
Recommendations for Mitigation
In order to protect yourself from CVE-2025-68668, it is crucial that all users of n8n take urgent security action. This can involve auditing user permissions and making sure only users that you trust have access to create or change workflows. Further, users need to keep an eye out for updates from n8n and install security patches as soon as they are released.
Organizations utilizing the Python Code Node feature are encouraged to disable this feature until a patch is made available. By taking proactive steps, they can mitigate the risks associated with this vulnerability and maintain a secure workflow automation environment.
