The Hacker News

Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

Critical n8n v CVE-2026-25049 allows authenticated workflow abuse to execute system commands and expose server data.

n8n security woes roll on as new critical flaws bypass December fix

Patch meant to close a severe expression bug fails to stop attackers with workflow access Multiple newly disclosed bugs in the popular workflow automation tool n8n could allow attackers to hijack ...