CVE-2026-25115
Published 2026-02-04
Priority P2 · 63 · critical · 9.9 CVSS 3.1
AV:N / AC:L / PR:L / UI:N / S:C / C:H / I:H / A:H
EPSS: 0.53% (40.5th percentile)
n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. This issue has been patched in version 2.4.8.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| n8n-io | n8n | < 2.4.8 | 2.4.8 |
| n8n | n8n | < 2.4.8 | 2.4.8 |
| n8n | n8n | >= 0 < 2.4.8 | 2.4.8 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.9 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
| nvd | v4.0 | 9.4 | CRITICAL | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
OSV
n8n has a Python sandbox escape
osv·2026-02-04
CVE-2026-25115 [CRITICAL] n8n has a Python sandbox escape
## Impact
A vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary.
Only authenticated users are able to execute code through Task Runners.
This issue affected any deployment in which the following conditions were met:
- Task Runners were enabled using `N8N_RUNNERS_ENABLED=true` (default: false)
- Python was enabled using `N8N_PYTHON_ENABLED=true`
- Code Node was enabled (default: true)
If `N8N_RUNNERS_MODE` is set to `external` (default: `internal`), the sandbox escape is limited to the sidecar container, with lower risk of lateral movement. In that case, a lower severity rating of High is more appropriate.
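The exposure conditions above can be checked per instance. The following triage helper is an added example, not code from n8n or from the advisories; the function names and status labels are hypothetical, the sample configuration is constructed, and `code_node_enabled` is supplied by the operator because the advisory does not say how the Code node is disabled.

```python
import re

FIXED = (2, 4, 8)  # first patched n8n release, per the advisory

# Constructed sample configuration, not taken from a real deployment.
SAMPLE_ENV = """\
N8N_RUNNERS_ENABLED=true
export N8N_PYTHON_ENABLED="true"
N8N_RUNNERS_MODE=external
"""

def parse_env(text):
    """Parse dotenv-style KEY=VALUE lines; skip blanks and # comments."""
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        key = key.strip().removeprefix("export ").strip()
        env[key] = value.strip().strip("'\"")
    return env

def is_patched(version):
    """True for 2.4.8 or later; a pre-release of 2.4.8 is not trusted."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)(-.+)?", version.strip())
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    core = tuple(int(p) for p in m.group(1, 2, 3))
    return core > FIXED or (core == FIXED and m.group(4) is None)

def triage(version, env, code_node_enabled=True):
    """Return (status, reason) for one instance; labels are hypothetical."""
    if is_patched(version):
        return "patched", "running 2.4.8 or later"
    if env.get("N8N_RUNNERS_ENABLED", "false").lower() != "true":
        return "not-exposed", "Task Runners disabled (the default)"
    if not code_node_enabled:
        return "not-exposed", "Code node disabled"
    python = env.get("N8N_PYTHON_ENABLED")
    if python is None:  # the advisory gives no default for this variable
        return "review", "N8N_PYTHON_ENABLED unset; confirm effective value"
    if python.lower() != "true":
        return "not-exposed", "Python disabled"
    if env.get("N8N_RUNNERS_MODE", "internal").lower() == "external":
        return "exposed-high", "escape limited to the runner sidecar"
    return "exposed-critical", "internal mode: no sidecar boundary"

if __name__ == "__main__":
    print(triage("2.4.7", parse_env(SAMPLE_ENV)))
```

Feed it the effective environment of the running n8n process rather than only the file on disk, since orchestration layers can override values.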
## Patches
This vulnerability is fixed i
GHSA
n8n has a Python sandbox escape
ghsa·2026-02-04
CVE-2026-25115 [CRITICAL] CWE-693 n8n has a Python sandbox escape
No detection rules found.
No public exploits indexed.
Wiz
CVE-2026-25115 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 9.4
CVE-2026-25115 [CRITICAL] CVE-2026-25115 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-25115: NixOS vulnerability analysis and mitigation
n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. This issue has been patched in version 2.4.8.
Source: NVD

| Field | Value |
|---|---|
| Score | 9.4 |
| Published | February 4, 2026 |
| Severity | CRITICAL |
| CNA Score | 9.4 |
| Affected Technologies | NixOS, n8n |
| Has Public Exploit | No |
| Has CISA KEV Exploit | No |
| CISA KEV Release Date | N/A |
| CISA KEV Due Date | N/A |
| Exploitation Probability Percentile (EPSS) | 17.3 |
| Exploitation Probability (EPSS) | 0.1 |
| Affected packages and libraries | n8n |

Sources: NVD
- npm: Severity CRITICAL, Has Fix, Added at: Feb 08, 2026
- Nix: Severity CRITICAL
Bugzilla
CVE-2026-45591 dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption
bugzilla·2026-06-09·CVSS 7.5
CVE-2026-45591 [HIGH] CVE-2026-45591 dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption
Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network.
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 10
Via RHSA-2026:25111 https://access.redhat.com/errata/RHSA-2026:25111
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 10
Via RHSA-2026:25112 https://access.redhat.com/errata/RHSA-2026:25112
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 10
Via RHSA-2026:25115 https://access.redhat.com/errata/RHSA-2026:25115
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RH
Bugzilla
CVE-2026-45491 dotnet: .NET: Local file tampering via link following vulnerability
bugzilla·2026-06-09·CVSS 6.2
CVE-2026-45491 [MEDIUM] CVE-2026-45491 dotnet: .NET: Local file tampering via link following vulnerability
Improper link resolution before file access ('link following') in .NET allows an unauthorized attacker to perform tampering locally.
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 10
Via RHSA-2026:25111 https://access.redhat.com/errata/RHSA-2026:25111
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 10
Via RHSA-2026:25112 https://access.redhat.com/errata/RHSA-2026:25112
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 10
Via RHSA-2026:25115 https://access.redhat.com/errata/RHSA-2026:25115
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux
Published: 2026-02-04