CVE-2026-33660
Status: Received - Intake
SQL Injection in n8n Merge Node Enables Remote Code Execution

Publication date: 2026-03-25

Last updated on: 2026-03-30

Assigner: GitHub, Inc.

Description
n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.26, an authenticated user with permission to create or modify workflows could use the Merge node's "Combine by SQL" mode to read local files on the n8n host and achieve remote code execution. The AlaSQL sandbox did not sufficiently restrict certain SQL statements, allowing an attacker to access sensitive files on the server or even compromise the instance.

The issue has been fixed in n8n versions 2.14.1, 2.13.3, and 1.123.26. Users should upgrade to one of these versions or later to remediate the vulnerability.

If upgrading is not immediately possible, administrators should consider the following temporary mitigations: limit workflow creation and editing permissions to fully trusted users only, and/or disable the Merge node by adding `n8n-nodes-base.merge` to the `NODES_EXCLUDE` environment variable. These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.
Meta Information
Published: 2026-03-25
Last Modified: 2026-03-30
Generated: 2026-05-07
AI Q&A: 2026-03-25
EPSS Evaluated: 2026-05-05
External references: NVD, EUVD
Affected Vendors & Products (3 associated CPEs)

| Vendor | Product | Version / Range |
| --- | --- | --- |
| n8n | n8n | up to 1.123.27 (exclusive) |
| n8n | n8n | from 2.0.0 (inclusive) to 2.13.3 (exclusive) |
| n8n | n8n | 2.14.0 |
CWE

| CWE ID | Description |
| --- | --- |
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-33660 is a critical remote code execution vulnerability in the n8n workflow automation platform. It affects versions prior to 2.14.1, 2.13.3, and 1.123.27. An authenticated user with permission to create or modify workflows can exploit the Merge node's "Combine by SQL" mode to read local files on the host and execute arbitrary code remotely.

The root cause is insufficient sandboxing in the AlaSQL engine used by the Merge node, which fails to properly restrict certain SQL statements. This allows attackers to bypass security controls, access sensitive files, and compromise the n8n instance.

The vulnerability is classified under CWE-94 (Improper Control of Generation of Code), where untrusted input is used to construct code without adequate neutralization, enabling code injection.


How can this vulnerability impact me?

This vulnerability allows an attacker with low privileges and no user interaction to remotely execute code on the n8n host system.

Exploitation can lead to full compromise of the confidentiality, integrity, and availability of the affected system, including unauthorized access to sensitive files and complete control over the n8n instance.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability immediately, users should upgrade n8n to versions 2.14.1, 2.13.3, or 1.123.27 or later, where the issue is fixed.

If upgrading is not immediately possible, administrators should limit workflow creation and editing permissions to fully trusted users only.

Additionally, disabling the Merge node by adding `n8n-nodes-base.merge` to the `NODES_EXCLUDE` environment variable is recommended as a temporary mitigation.

Note that these workarounds do not fully remediate the risk and should only be used as short-term measures.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

This vulnerability allows an authenticated user with limited privileges to execute arbitrary code remotely and access sensitive files on the n8n host. Such unauthorized access and potential data compromise can lead to violations of data protection regulations like GDPR and HIPAA, which require strict controls over the confidentiality and integrity of sensitive data.

Because the vulnerability impacts confidentiality, integrity, and availability of the system, organizations using affected versions of n8n may face compliance risks if sensitive personal or health information is exposed or altered.

Remediation by upgrading to fixed versions or applying temporary mitigations is critical to maintain compliance with these standards.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

There is no specific detection method or commands provided in the available information to identify exploitation or presence of this vulnerability on your network or system.

However, to mitigate risk, you should verify the version of n8n running on your system and ensure it is updated to version 2.14.1, 2.13.3, 1.123.27 or later, as these versions contain the fix.

You can check the n8n version by running a command such as:

  • `n8n --version`

Additionally, review user permissions to ensure only fully trusted users have workflow creation and modification rights, and check if the Merge node is disabled by verifying the `NODES_EXCLUDE` environment variable includes `n8n-nodes-base.merge`.
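The checks in the answer above (compare the running version against the fixed releases, confirm the Merge node is excluded) can be scripted so they run the same way on every host. The following POSIX shell script is an added example written for this page; it is not part of the advisory, the database entry, or the n8n project. The function names (`split_version`, `n8n_version_status`, `merge_node_excluded`, `n8n_exposure`) are hypothetical. It takes the fixed-version boundaries from the affected-version data on this page (1.123.27, 2.13.3, 2.14.1; the description text gives 1.123.26 for the 1.x line, and the higher number is used here so that a borderline 1.123.26 build is flagged for review rather than silently passed). It also assumes, per the n8n documentation, that `NODES_EXCLUDE` holds a JSON array string such as `["n8n-nodes-base.merge"]`, so it looks for the quoted node name; a bare, unquoted value is treated as not excluded.

```shell
#!/bin/sh
# Added example for CVE-2026-33660: version and workaround check for an n8n host.
# Not part of the advisory or of the n8n project. Fixed-version boundaries are an
# assumption taken from the page's affected-version ranges (1.123.27 / 2.13.3 / 2.14.1).

# split_version VERSION -> sets $major $minor $patch as plain integers.
# Accepts "v2.14.1", "2.14.1-rc1", "2.14"; missing fields become 0.
split_version() {
  v=${1#v}
  major=${v%%.*}; rest=${v#"$major"}; rest=${rest#.}
  minor=${rest%%.*}; rest=${rest#"$minor"}; rest=${rest#.}
  patch=${rest%%.*}
  # drop pre-release/build suffixes such as "-rc1" or "+build" and any stray text
  major=${major%%[!0-9]*}; minor=${minor%%[!0-9]*}; patch=${patch%%[!0-9]*}
  major=${major:-0}; minor=${minor:-0}; patch=${patch:-0}
}

# n8n_version_status VERSION -> prints "fixed" or "vulnerable"; exit status 0 when fixed.
# Encodes the three release lines: 1.x needs >= 1.123.27, 2.13.x needs >= 2.13.3,
# 2.14.x needs >= 2.14.1; 2.0.0 through 2.12.x and 2.14.0 are affected; 2.15+ and
# later majors are taken as carrying the fix.
n8n_version_status() {
  split_version "$1"
  fixed=1
  case $major in
    1) if [ "$minor" -gt 123 ] || { [ "$minor" -eq 123 ] && [ "$patch" -ge 27 ]; }; then
         fixed=0
       fi ;;
    2) if [ "$minor" -ge 15 ]; then fixed=0
       elif [ "$minor" -eq 14 ] && [ "$patch" -ge 1 ]; then fixed=0
       elif [ "$minor" -eq 13 ] && [ "$patch" -ge 3 ]; then fixed=0
       fi ;;
    *) if [ "$major" -gt 2 ]; then fixed=0; fi ;;
  esac
  if [ "$fixed" -eq 0 ]; then echo fixed; else echo vulnerable; fi
  return "$fixed"
}

# merge_node_excluded NODES_EXCLUDE_VALUE -> exit status 0 if the Merge node is excluded.
# n8n parses NODES_EXCLUDE as a JSON array string (assumption from the n8n docs),
# so the quoted node name is required; an unquoted value would not be parsed by n8n.
merge_node_excluded() {
  case $1 in
    *'"n8n-nodes-base.merge"'*) return 0 ;;
    *) return 1 ;;
  esac
}

# n8n_exposure VERSION NODES_EXCLUDE_VALUE -> one-word summary:
#   patched    the version carries the fix
#   mitigated  vulnerable version, but the Merge node is excluded (short-term only)
#   exposed    vulnerable version and the Merge node is still loaded
n8n_exposure() {
  if n8n_version_status "$1" >/dev/null; then echo patched; return 0; fi
  if merge_node_excluded "$2"; then echo mitigated; return 1; fi
  echo exposed; return 2
}

# Usage on a host (the version command is the one given in the answer above):
#   n8n_exposure "$(n8n --version)" "$NODES_EXCLUDE"
# For a containerised install, pass the image tag's version instead, and read
# NODES_EXCLUDE from the container's environment rather than the host shell.
```

A "mitigated" result still means the instance runs a vulnerable build; it only confirms that the short-term workaround from the advisory is in place, and the workflow-permission review the answer mentions has to be done separately in the n8n user management settings.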

