Critical N8scape Vulnerability: n8n workflow tool hits 9.9 CVSS Score
1 / 7 / 2026 · 422 words
Cybersecurity researchers have uncovered a massive security flaw in n8n, the widely-used open-source workflow automation platform. Tracked as CVE-2025-68668 (and dubbed N8scape), this vulnerability carries a critical CVSS score of 9.9, as it allows for Remote Code Execution (RCE) on the underlying host system.
1. What is N8scape?
Discovered by researchers at Cyera Research Labs, the flaw is a protection mechanism failure. Specifically, it involves a sandbox bypass within the Python Code Node that utilizes Pyodide.
While n8n is designed to run code in a restricted environment, this vulnerability allows an authenticated user—with permissions to create or modify workflows—to break out of that sandbox. Once out, the attacker can execute arbitrary operating system commands with the same privileges as the n8n process itself.
2. Affected Versions
The vulnerability impacts a wide range of n8n deployments:
- Affected: All versions from 1.0.0 up to (but not including) 2.0.0.
- Fixed: The issue has been officially addressed in version 2.0.0.
3. Why it’s 9.9/10 Critical
A 9.9 CVSS score is rare and signifies that the exploit is highly reliable and has a devastating impact. Since n8n often has access to sensitive API keys, databases, and internal infrastructure, a compromised n8n instance can serve as a gateway for an attacker to move laterally across an entire corporate network.
4. How to Secure Your Instance
The development team at n8n has acted quickly to mitigate the risk. Here is how you should respond:
A. Immediate Update (Recommended)
Update your n8n instance to version 2.0.0 immediately. In this version, the secure task runner-based Python implementation is enabled by default, closing the N8scape loophole.
B. Temporary Workarounds
If you cannot update immediately, n8n recommends the following environment variable configurations to harden your instance:
- Disable the Code Node: Set NODES_EXCLUDE=["n8n-nodes-base.code"]
- Disable Python Support: Set N8N_PYTHON_ENABLED=false
- Enable Secure Runners: If you are on version 1.111.0 or later, manually enable the new security isolation by setting N8N_RUNNERS_ENABLED=true and N8N_NATIVE_PYTHON_RUNNER=true.
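As an added example, not taken from the article or from the n8n project, here is a small Python audit helper that applies the guidance above (the 2.0.0 fix, NODES_EXCLUDE, N8N_PYTHON_ENABLED, and the two runner flags, which only apply from 1.111.0) to a deployment's version string and environment variables; the function names, status labels and sample values are my own assumptions.

```python
"""Assumed audit helper: does an n8n deployment's configuration satisfy the
CVE-2025-68668 guidance? Version is checked first, then the documented workarounds."""
import json

CODE_NODE = "n8n-nodes-base.code"
AFFECTED_FROM = (1, 0, 0)        # first affected release
FIXED_IN = (2, 0, 0)             # task-runner Python enabled by default
RUNNER_FLAGS_FROM = (1, 111, 0)  # runner flags are only available from here

def parse_version(text):
    """'v1.111.0-rc1' -> (1, 111, 0); missing components are padded with 0."""
    core = text.strip().lstrip("v").split("-")[0]
    parts = [int(p) for p in core.split(".") if p.isdigit()]
    return tuple((parts + [0, 0, 0])[:3])

def code_node_excluded(nodes_exclude):
    """NODES_EXCLUDE is a JSON list of node type names; anything else is ignored."""
    try:
        excluded = json.loads(nodes_exclude)
    except (TypeError, ValueError):
        return False
    return isinstance(excluded, list) and CODE_NODE in excluded

def is_true(env, key):
    return env.get(key, "").strip().lower() == "true"

def assess(version, env):
    """Return (status, reason); status is fixed | mitigated | vulnerable | out-of-range."""
    ver = parse_version(version)
    if ver >= FIXED_IN:
        return "fixed", "2.0.0+ enables the task-runner Python implementation by default"
    if ver < AFFECTED_FROM:
        return "out-of-range", "older than 1.0.0; outside the advisory's affected range"
    if code_node_excluded(env.get("NODES_EXCLUDE")):
        return "mitigated", "Code node disabled via NODES_EXCLUDE"
    if env.get("N8N_PYTHON_ENABLED", "").strip().lower() == "false":
        return "mitigated", "Python support disabled via N8N_PYTHON_ENABLED=false"
    runners = is_true(env, "N8N_RUNNERS_ENABLED") and is_true(env, "N8N_NATIVE_PYTHON_RUNNER")
    if runners and ver >= RUNNER_FLAGS_FROM:
        return "mitigated", "secure task runner enabled (1.111.0 or later)"
    if runners:
        return "vulnerable", "runner flags are set, but they require 1.111.0 or later"
    return "vulnerable", "update to 2.0.0 or apply one of the workarounds"

if __name__ == "__main__":  # constructed sample values, not a real deployment
    print(assess("1.100.0", {"N8N_RUNNERS_ENABLED": "true", "N8N_NATIVE_PYTHON_RUNNER": "true"}))
```

In practice the environment would come from the container or service definition (for example the output of the process's env), and a "vulnerable" result for a version below 1.111.0 with only the runner flags set is the case operators most often miss.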
5. Second Critical Flaw (CVE-2025-68613)
Adding to the urgency, n8n also recently addressed CVE-2025-68613, another 9.9-rated vulnerability that could lead to arbitrary code execution. This suggests a period of intense security auditing for the platform, and users are urged to stay on the absolute latest stable release.
For developers and sysadmins, this is a reminder that automation tools are high-value targets. Secure your runners and keep your workflow engines updated to prevent your automation from becoming an attacker’s best friend.