What is the CVSS score of CVE-2026-27498?

CVE-2026-27498 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.4%.

Which versions of AI / ML are affected by CVE-2026-27498?

n8n workflow automation users face remote code execution risk if authenticated users with workflow modification permissions are compromised or act maliciously.. A patch is available.

AI / ML CVE-2026-27498

HIGH

Code Injection (CWE-94)

2026-02-25 security-advisories@github.com

GHSA-x2mw-7j39-93xq

RCE AI / ML N8n

8.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

Patch released

Mar 04, 2026 - 03:33 nvd

Patch available

CVE Published

Feb 25, 2026 - 23:16 nvd

HIGH 8.8

DescriptionNVD

n8n is an open source workflow automation platform. Prior to versions 2.2.0 and 1.123.8, an authenticated user with permission to create or modify workflows could chain the Read/Write Files from Disk node with git operations to achieve remote code execution. By writing to specific configuration files and then triggering a git operation, the attacker could execute arbitrary shell commands on the n8n host. The issue has been fixed in n8n versions 2.2.0 and 1.123.8. Users should upgrade to one of these versions or later to remediate the vulnerability. If upgrading is not immediately possible, administrators should consider the following temporary mitigations. Limit workflow creation and editing permissions to fully trusted users only, and/or disable the Read/Write Files from Disk node by adding n8n-nodes-base.readWriteFile to the NODES_EXCLUDE environment variable. These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.

AnalysisAI

Remote code execution in n8n workflow automation platform allows authenticated users with workflow creation or modification permissions to execute arbitrary shell commands by chaining file write operations with git functions to manipulate configuration files. Versions prior to 2.2.0 and 1.123.8 are affected, and administrators should upgrade immediately or restrict workflow editing permissions to trusted users only.

RemediationAI

Within 24 hours: Identify all n8n instances and document current versions; assess which workflows have file disk operations combined with git integrations. Within 7 days: Apply vendor patches (versions 2.2.0 or 1.123.8+) to all n8n deployments; restrict workflow modification permissions to trusted administrators only. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-27498 vulnerability details – vuln.today

Back

AI / ML CVE-2026-27498

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code