CVE-2026-27577
Received Received - Intake
Command Injection via Expression Evaluation in n8n Workflows

Publication date: 2026-02-25

Last updated on: 2026-03-04

Assigner: GitHub, Inc.

Description
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, additional exploits in the expression evaluation of n8n have been identified and patched following CVE-2025-68613. An authenticated user with permission to create or modify workflows could abuse crafted expressions in workflow parameters to trigger unintended system command execution on the host running n8n. The issues have been fixed in n8n versions 2.10.1, 2.9.3, and 1.123.22. Users should upgrade to one of these versions or later to remediate all known vulnerabilities. If upgrading is not immediately possible, administrators should consider the following temporary mitigations. Limit workflow creation and editing permissions to fully trusted users only, and/or deploy n8n in a hardened environment with restricted operating system privileges and network access to reduce the impact of potential exploitation. These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-25
Last Modified
2026-03-04
Generated
2026-06-16
AI Q&A
2026-02-26
EPSS Evaluated
2026-06-15
NVD
CVE-2026-27577
EUVD
EUVD-2026-8761
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
n8n n8n to 1.123.22 (exc)
n8n n8n From 2.0.0 (inc) to 2.9.3 (exc)
n8n n8n From 2.10.0 (inc) to 2.10.1 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability affects n8n, an open source workflow automation platform. Before certain fixed versions, an authenticated user with permission to create or modify workflows could exploit crafted expressions in workflow parameters to execute unintended system commands on the host running n8n.

The issue arises from expression evaluation in workflows, allowing command execution beyond intended scope.

The vulnerability has been patched in n8n versions 2.10.1, 2.9.3, and 1.123.22.

Detection Guidance

I don't know

Impact Analysis

If exploited, this vulnerability allows an authenticated user with workflow creation or modification permissions to execute arbitrary system commands on the host running n8n.

This could lead to unauthorized control over the system, data compromise, service disruption, or further attacks within the environment.

Temporary mitigations include limiting workflow creation and editing permissions to fully trusted users and deploying n8n in a hardened environment with restricted OS privileges and network access.

Compliance Impact

I don't know

Mitigation Strategies

To mitigate this vulnerability immediately, users should upgrade n8n to versions 2.10.1, 2.9.3, or 1.123.22, or later, where the issue has been fixed.

If upgrading is not immediately possible, administrators should limit workflow creation and editing permissions to fully trusted users only.

Additionally, deploying n8n in a hardened environment with restricted operating system privileges and network access can reduce the impact of potential exploitation.

Note that these workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-27577. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart