Critical n8n v CVE-2026-25049 allows authenticated workflow abuse to execute system commands and expose server data.
A critical n8n flaw could allow attackers to use crafted expressions in workflows to execute arbitrary commands on the host.
A previously published patch left a gaping hole that crooks will happily exploit.
The Register on MSN
n8n security woes roll on as new critical flaws bypass December fix
Patch meant to close a severe expression bug fails to stop attackers with workflow access Multiple newly disclosed bugs in ...
CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results