The report "SANDBOX Shattered: Critical n8n Flaw (CVSS 9.9) Allows Remote Code Execution" outlines a critical Remote Code Execution vulnerability in n8n, tracked as CVE-2026-1470 with a CVSS score of 9.9, that authenticated users can exploit to bypass sandbox protections and run arbitrary code on the main node. The flaw lies in the platform's Expression evaluation system, which the report says lacks sufficient isolation from the underlying runtime.
According to the disclosure, expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated, enabling an attacker to inject a payload and escape the sandbox. A PoC demonstrates how a crafted JavaScript payload injected into an Edit Fields block can break out of the sandbox and invoke the child_process module to execute OS commands, returning output in the JSON response.
Administrators should urgently check their instances for affected versions, which the report lists as 1.123.17, 2.0.0 up to but not including 2.4.5, and 2.5.0 up to but not including 2.5.1, and upgrade to a patched version.
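As an added defender-side check (not code from the advisory or from n8n), the following script tests an n8n version string against the affected versions exactly as this page lists them and flags inventory entries that need an upgrade; the inventory hosts are constructed samples.

```javascript
// Added example. Affected set as stated on this page:
//   exactly 1.123.17, 2.0.0 <= v < 2.4.5, 2.5.0 <= v < 2.5.1.
// Assumes plain "MAJOR.MINOR.PATCH" strings, optionally prefixed with "v";
// any pre-release suffix after the patch number is ignored.

function parseVersion(s) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(String(s).trim());
  if (!m) throw new Error(`unparseable version: ${s}`);
  return m.slice(1, 4).map(Number);
}

// Numeric, component-wise comparison (string comparison would rank 2.10 < 2.9).
function compareVersions(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

// Transcribed from the page's text; update if the vendor advisory changes.
const AFFECTED = [
  { exact: '1.123.17' },
  { from: '2.0.0', before: '2.4.5' }, // 2.4.5 itself is not affected
  { from: '2.5.0', before: '2.5.1' }, // 2.5.1 itself is not affected
];

function isAffected(version) {
  const v = parseVersion(version);
  return AFFECTED.some((r) => {
    if (r.exact) return compareVersions(v, parseVersion(r.exact)) === 0;
    return compareVersions(v, parseVersion(r.from)) >= 0 &&
           compareVersions(v, parseVersion(r.before)) < 0;
  });
}

// Constructed sample inventory (hypothetical hosts), e.g. from `n8n --version`.
const INVENTORY = [
  { host: 'n8n-prod-1', version: '2.4.3' },
  { host: 'n8n-prod-2', version: '2.4.5' },
  { host: 'n8n-dev', version: 'v2.5.0' },
  { host: 'n8n-legacy', version: '1.123.17' },
  { host: 'n8n-old', version: '1.120.0' },
];

// Returns the hosts whose version falls in the affected set.
function hostsNeedingUpgrade(inventory) {
  return inventory.filter((e) => isAffected(e.version)).map((e) => e.host);
}

console.log('needs upgrade:', hostsNeedingUpgrade(INVENTORY).join(', '));
```

The check is only as accurate as the version list it encodes, so keep `AFFECTED` aligned with the vendor's advisory rather than this summary alone.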