n8n expression-evaluation bugs enable authenticated users to execute system commands, risking server takeover, credential theft, and AI workflow disruption.
Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows
A critical n8n vulnerability (CVE-2026-25049) allows authenticated workflow creators to execute arbitrary system commands, risking full server compromise.
