【Security Advisory】n8n Contains a Critical Information Security Vulnerability (CVE-2026-25049)

publish date : 2026-02-23 update date : 2026-02-23

Source: Ministry of education information & communication security contingency platform

"" "" ""

Publication Number TACERT-ANA-2026020605025656 Publication Time 2026/02/06 17:20
Incident Type ANA-Vulnerability Alert Discovery Time 2026/02/06 17:20
Impact Level Low  
[Subject]
【Vulnerability Alert】CISA Adds Seven Known Exploited Vulnerabilities to the KEV Catalog (2026/01/26–2026/02/01)

[Content]
Forwarded from TWCERTCC-200-202602-00000004

n8n is an open-source workflow automation tool that connects multiple applications through a visual drag-and-drop interface, enabling the automation of repetitive tasks without the need for coding. A critical security vulnerability has recently been disclosed (CVE-2026-1470, CVSS 4.x: 9.4).

This vulnerability allows an authenticated attacker with permission to create or modify workflows to exploit specially crafted workflow parameter expressions, thereby triggering unauthorized system commands on the n8n host during execution.

(Information Sharing Level: WHITE (Information content can be publicly disclosed)

[Affected Platform]
n8n versions prior to 1.123.17 (not including 1.123.17)

n8n versions prior to 2.5.2 (not including 2.5.2)

[Recommended Actions]
Please update to the following versions:

n8n version 1.123.17 (including 1.123.17) or later

n8n version 2.5.2 (including 2.5.2) or later
[Reference]
https://www.twcert.org.tw/tw/cp-169-10696-c7fdb-1.html
(This notification is for informational purposes only and does not constitute a cybersecurity incident).
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw
Organizer: Computer Center