Summary
n8n patched another critical sandbox escape vulnerabilities (CVE-2026-25049) that allow authenticated users to execute arbitrary code and steal sensitive AI and cloud credentials.
Take Action:
This is another important and urgent flaw in n8n. Update your n8n instances to the latest version ASAP and rotate all stored API keys and encryption secrets. Since these flaws allow full server takeover, you must assume any credentials stored in an unpatched instance are already compromised.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)