Threat Intelligence / CVE / CVE-2026-25053

CVE-2026-25053

CVSS 9.9 (CRITICAL) · EPSS 0.0% · Published 2026-02-04

n8n is an open source workflow automation platform. Prior to versions 1.123.10 and 2.5.0, vulnerabilities in the Git node allowed authenticated users with permission to create or modify workflows to execute arbitrary system commands or read arbitrary files on the n8n host. This issue has been patched in versions 1.123.10 and 2.5.0.

CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Weaknesses (CWE)

CWE-78

Threats tracking this CVE

n8n Multi-CVE Vulnerability Cascade — Expression Sandbox Escape, Pyodide RCE, Arbitrary File Write, Command Injection (9 CVEs, 2× CVSS 10.0) — CRITICAL

References

https://github.com/n8n-io/n8n/security/advisories/GHSA-9g95-qf3f-ggrw

Full detection coverage & IOCs for threats exploiting CVE-2026-25053 are available via the Threadlinqs MCP server (Purple tier). View plans →

Markdown version · Threadlinqs Intelligence