CVE-2026-1470: Remote Code Execution via n8n Expression Evaluation
Executive Summary
CVE-2026-1470 is a critical remote code execution (RCE) vulnerability in the n8n workflow automation platform. The flaw stems from unsafe evaluation of user-supplied workflow expressions, allowing authenticated users to execute arbitrary JavaScript code within the n8n runtime and fully compromise the instance. Exploitation requires low privileges, no user interaction, and impacts all unpatched n8n deployments.
CVE-2026-1470 Technical Details
CVE-2026-1470 has been assigned a critical severity score (CVSS 9.9), reflecting its high impact and ease of exploitation.
- CWE Category: CWE‑95 – Improper Neutralization of Directives in Dynamically Evaluated Code (Eval Injection)
- This class of vulnerability arises when user‑supplied data is evaluated as code without sufficient sanitization or sandboxing.
- Attack Vector: Network (remote)
- Privileges Required: Low (authenticated user)
- User Interaction: None
- Impact: High
- Successful exploitation results in full compromise of the n8n instance, including unauthorized access to sensitive data, workflow manipulation, and execution of system-level commands.
- Public Proof of Concept: No public or official proof-of-concept exploit has been published at the time of writing.
What is n8n?
As described in our previous blog post covering the last critical n8n vulnerability, n8n is a widely adopted workflow automation platform that often sits at the center of an organization’s operational and integration stack. It is commonly used to orchestrate business logic across SaaS applications, internal services, and cloud APIs, acting as an execution layer for automation workflows.
From a security perspective, n8n is particularly sensitive because it is designed to execute logic, transform data, and interact with external systems on behalf of users. Workflows frequently run with access to privileged API tokens, secrets, and internal endpoints, and are trusted to perform actions automatically without human validation at runtime.
Why n8n Has Become a High-Value Target
Over the past months, n8n has seen a growing number of high-severity security disclosures, including multiple vulnerabilities rated with the maximum CVSS score of 10.0. This trend highlights a broader pattern: platforms that combine automation, extensibility, and code execution capabilities present a powerful attack surface when isolation boundaries fail.
Technical Breakdown – How the Attack Works?
Background: n8n Expressions
n8n allows users to embed expressions inside workflows to dynamically evaluate values at runtime (e.g., referencing previous nodes, transforming data, performing logic).
These expressions are evaluated by n8n’s Expression evaluation engine, which runs inside the same Node.js process as the application itself.
Root Cause
The vulnerability occurs because user‑supplied expressions are evaluated in an execution context that is not sufficiently sandboxed.
As a result:
- Expressions can escape their intended logical scope
- Malicious payloads can be evaluated as arbitrary JavaScript code
- That code executes with the privileges of the n8n process
Attack Flow
- An authenticated attacker creates or modifies a workflow and injects a malicious expression into a field that supports dynamic expression evaluation.
- When the workflow is executed, n8n evaluates the expression within the same Node.js process as the application itself. Due to insufficient sandboxing, the expression escapes its intended execution context and gains access to sensitive runtime primitives.
- This results in arbitrary code execution with the privileges of the n8n service, enabling full compromise of the instance – including access to secrets, workflow manipulation, and execution of system-level commands.
Impact in Real Environments
Successful exploitation may allow an attacker to:
- Execute OS commands on the n8n host
- Read environment variables and stored credentials
- Modify or sabotage existing workflows
- Persist access via workflow backdoors
- Potentially pivot to other internal systems
Because n8n is often deployed with access to APIs, databases, and cloud credentials, the blast radius can extend far beyond the n8n instance itself.
Affected and Patched Versions
Affected versions include multiple major release lines of n8n before recent patches. According to CVEdetails, the vulnerability affects the following:
- All n8n versions earlier than 1.123.17
(0.xand1.xup to but not including1.123.17) - n8n 2.0.0 up to 2.4.4
(between2.0.0to2.4.5) - n8n 2.5.0
(between2.5.0to2.5.1)
Patched releases resolving this issue are:
- 1.123.17
- 2.4.5
- 2.5.1
Mitigation & Recommendations
- Upgrade Immediately: Users should update to one of the patched versions listed above as soon as possible.
- Review Permissions: Restrict workflow configuration rights to trusted administrators until the patch is applied.
- Sandboxing & Isolation: Although n8n has expression sandboxing mechanisms, this vulnerability shows they can be bypassed — organizations should evaluate additional isolation controls in sensitive environments.
- Monitor for Suspicious Expressions: Logging and monitoring of workflow configuration and execution can provide early detection of abuse patterns.
How Upwind Can Help
While applying the official patches is the most important mitigation step, additional runtime visibility can help organizations detect and respond to exploitation attempts in real environments.
API-level threat monitoring
Upwind analyzes API and webhook traffic in real time, providing visibility into suspicious request patterns that may indicate abuse of automation platforms. This includes anomalous request structures, unexpected parameter injection, content-type inconsistencies, and other indicators that may precede expression-based exploitation attempts.
SBOM-driven exposure awareness
Upwind continuously maintains an SBOM across applications and workloads, allowing teams to quickly identify where vulnerable n8n versions and related components are deployed. By correlating software inventory with runtime context, security teams can understand which environments are exposed and prioritize remediation based on real deployment risk.
Runtime visibility and behavioral detection
Through runtime monitoring, Upwind observes workload behavior at execution time. Indicators such as unexpected process execution, abnormal file access patterns, suspicious workflow-initiated actions, or unusual interactions with configuration and credential stores can be surfaced as high-confidence signals of compromise.
For organizations seeking deeper visibility into runtime risk and exposure, Upwind can help identify vulnerable components and provide contextual signals around exploitation attempts.
