Skip to main content

N8n CVE-2026-33660

| EUVDEUVD-2026-15942 CRITICAL
Code Injection (CWE-94)
2026-03-25 GitHub_M GHSA-58qr-rcgv-642v
9.4
CVSS 4.0 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
9.4 CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

5
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
PoC Detected
Mar 30, 2026 - 14:54 vuln.today
Public exploit code
EUVD ID Assigned
Mar 25, 2026 - 17:47 euvd
EUVD-2026-15942
Analysis Generated
Mar 25, 2026 - 17:47 vuln.today
CVE Published
Mar 25, 2026 - 17:09 nvd
CRITICAL 9.4

DescriptionGitHub Advisory

n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.26, an authenticated user with permission to create or modify workflows could use the Merge node's "Combine by SQL" mode to read local files on the n8n host and achieve remote code execution. The AlaSQL sandbox did not sufficiently restrict certain SQL statements, allowing an attacker to access sensitive files on the server or even compromise the instance. The issue has been fixed in n8n versions 2.14.1, 2.13.3, and 1.123.26. Users should upgrade to one of these versions or later to remediate the vulnerability. If upgrading is not immediately possible, administrators should consider the following temporary mitigations: Limit workflow creation and editing permissions to fully trusted users only, and/or disable the Merge node by adding n8n-nodes-base.merge to the NODES_EXCLUDE environment variable. These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.

AnalysisAI

An authenticated user with workflow creation or modification privileges in n8n workflow automation platform can exploit the Merge node's 'Combine by SQL' mode to read arbitrary local files on the n8n host and achieve remote code execution. n8n versions prior to 2.14.1, 2.13.3, and 1.123.26 are affected. The vulnerability carries a CVSS 4.0 score of 9.4 (Critical) due to insufficient sandbox restrictions in the AlaSQL component, allowing SQL injection-style attacks against the host system. No public proof-of-concept or active exploitation (KEV) status has been reported at this time.

Technical ContextAI

The vulnerability affects n8n (cpe:2.3:a:n8n-io:n8n), an open-source workflow automation platform built on Node.js. The root cause is classified as CWE-94 (Improper Control of Generation of Code / Code Injection). The issue stems from inadequate sandboxing in the AlaSQL library used by n8n's Merge node when operating in 'Combine by SQL' mode. AlaSQL is a JavaScript SQL database that allows SQL queries to be executed in-memory within the browser or Node.js environment. The insufficient restrictions on SQL statements permitted attackers to break out of the intended sandbox environment, enabling them to execute arbitrary SQL commands that could read the filesystem or execute system-level code. This represents a classic sandbox escape vulnerability where security boundaries intended to isolate user-controlled SQL from the underlying system were not properly enforced.

RemediationAI

Immediately upgrade n8n to version 2.14.1, 2.13.3, or 1.123.26 depending on your current version branch, as detailed in the GitHub security advisory at https://github.com/n8n-io/n8n/security/advisories/GHSA-58qr-rcgv-642v. If immediate patching is not feasible, implement temporary mitigations by restricting workflow creation and editing permissions to only fully trusted administrators, and/or disable the Merge node entirely by adding 'n8n-nodes-base.merge' to the NODES_EXCLUDE environment variable. Note that these workarounds provide only partial risk reduction and should be considered temporary measures until the patch can be applied. Review audit logs for any suspicious workflow creations or modifications involving the Merge node's SQL functionality prior to patching.

More in N8n

View all
CVE-2026-21877 CRITICAL POC
9.9 Jan 08

n8n workflow automation (through 1.121.2) allows authenticated users to execute arbitrary code via the n8n service, with

CVE-2026-21858 CRITICAL POC
10.0 Jan 08

n8n workflow automation (1.65.0 to 1.121.0) allows unauthenticated file access through form-based workflows. A critical

CVE-2026-1470 CRITICAL POC
9.9 Jan 27

n8n has a fifth critical RCE vulnerability (CVSS 9.9) in the Expression evaluator, enabling code execution through craft

CVE-2026-33665 HIGH POC
8.8 Mar 25

Authenticated n8n users can hijack administrator accounts when LDAP authentication is enabled by manipulating their LDAP

CVE-2023-27563 HIGH POC
8.8 May 10

The n8n package 0.218.0 for Node.js allows Escalation of Privileges. Rated high severity (CVSS 8.8), this vulnerability

CVE-2026-0863 HIGH POC
8.5 Jan 18

Authenticated users can exploit string formatting and exception handling in n8n's Python task executor to escape sandbox

CVE-2023-27564 HIGH POC
7.5 May 10

The n8n package 0.218.0 for Node.js allows Information Disclosure. Rated high severity (CVSS 7.5), this vulnerability is

CVE-2023-27562 MEDIUM POC
6.5 May 10

The n8n package 0.218.0 for Node.js allows Directory Traversal. Rated medium severity (CVSS 6.5), this vulnerability is

CVE-2026-33724 MEDIUM POC
6.3 Mar 25

n8n versions prior to 2.5.0 contain a critical SSH host key verification bypass in the Source Control feature that allow

CVE-2026-33720 MEDIUM POC
6.3 Mar 25

This vulnerability in n8n (an open-source workflow automation platform) is an authentication bypass in the OAuth callbac

CVE-2026-27577 CRITICAL
9.9 Feb 25

Additional expression evaluation exploits in n8n before 2.10.1/2.9.3/1.123.22. Fourth distinct code execution path throu

CVE-2026-27495 CRITICAL
9.9 Feb 25

Code injection in n8n workflow automation before 2.10.1/2.9.3/1.123.22 allows authenticated users to execute arbitrary c

Share

CVE-2026-33660 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy