A newly disclosed critical vulnerability, tracked as CVE-2026-25049, in the workflow automation platform n8n, allows authenticated users to execute arbitrary system commands on the underlying server by exploiting weaknesses in the platform’s expression evaluation mechanism. With a CVSS score of 9.4, the issue is classified as critical and poses a high risk to affected systems.The CVE-2026-25049vulnerability is the result of insufficient input sanitization in n8n’s expression handling logic. Researchers found that the flaw effectively bypasses security controls introduced to mitigate CVE-2025-68613, an earlier critical vulnerability with a CVSS score of 9.9 that was patched in December 2025. Despite those fixes, additional exploitation paths remained undiscovered until now.
Bypass of Previous Security Fixes for CVE-2026-25049 Vulnerability
According to an advisory released Wednesday by n8n maintainers, the issue was uncovered during follow-up analysis after the earlier disclosure. The maintainers stated, “Additional exploits in the expression evaluation of n8n have been identified and patched following CVE-2025-68613.”They further warned that “an authenticated user with permission to create or modify workflows could abuse crafted expressions in workflow parameters to trigger unintended system command execution on the host running n8n.”The vulnerability is described as an “Expression Escape Vulnerability Leading to RCE,” reflecting its ability to break out of an n8n expression sandbox and reach the host operating system. The advisory was published under GitHub Security Advisory GHSA-6cqr-8cfr-67f8 and applies to the n8n package distributed via npm.
Affected Versions and Mitigation Guidance
The CVE-2026-25049 vulnerability affects all n8n versions earlier than 1.123.17 and 2.5.2. The issue has been fully patched in versions 1.123.17 and 2.5.2, and users are advised to upgrade immediately to these or later releases to remediate the risk.For organizations unable to upgrade right away, the advisory outlines temporary workarounds. These include restricting workflow creation and modification permissions to fully trusted users and deploying n8n in a hardened environment with limited operating system privileges and constrained network access. However, n8n’s maintainers emphasized that these measures do not fully resolve the vulnerability and should only be considered short-term mitigations.From a severity standpoint, n8n has adopted CVSS 4.0 as the primary scoring system for its advisories, while continuing to provide CVSS 3.1 vector strings for compatibility. Under CVSS 3.1, CVE-2026-25049 carries the vector AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H. The CVSS 4.0 metrics similarly rate the issue as critical, citing low attack complexity, network-based exploitation, low required privileges, and high impact to confidentiality, integrity, and availability.
Researcher Insights and Potential Impact
Although no specific Common Weakness Enumerations (CWEs) have been assigned, the real-world implications of exploiting this n8n vulnerability are severe. A successful attack could allow threat actors to compromise the server, steal credentials, exfiltrate sensitive data, and install persistent backdoors to maintain long-term access.The vulnerability was discovered with contributions from as many as ten security researchers. Those credited include Fatih Çelik, who also reported CVE-2025-68613, as well as Endor Labs’ Cris Staicu, Pillar Security’s Eilon Cohen, SecureLayer7’s Sandeep Kamble, and several independent researchers.In a technical deep dive covering both CVE-2025-68613 and CVE-2026-25049, Çelik stated that “they could be considered the same vulnerability, as the second one is just a bypassfor the initial fix.” He explained that both issues allow attackers to escape the n8n expression sandbox mechanism and circumvent security checks designed to prevent command execution.
Cybersecurity researchers have disclosed a new critical flaw in the popular workflow automation platform n8n that could allow unauthenticated attackers to fully compromise vulnerable systems. The issue, tracked as CVE-2026-21858 and assigned a maximum CVSS score of 10.0, is being described as one of the most severe n8n vulnerabilities reported to date.The n8n vulnerability was discovered and responsibly disclosed by security researcher Dor Attias on November 9, 2025. n8n later confirmed the issue in a security advisory, warning that attackers could access files on the underlying server through certain form-based workflows.According to n8n, “A vulnerability in n8n allows an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker.” The company noted that the flaw could expose sensitive data and potentially enable further compromise depending on configuration and usage.CVE-2026-21858 is a Content-Type confusion bug tied to how the n8n webhook processes incoming HTTP requests. The webhook parses requests differently based on the Content-Type header, creating a gap that attackers can exploit to manipulate file-handling behavior.
How the n8n Webhook Content-Type Confusion Is Exploited
The vulnerability stems from how n8n handles form submissions. When a request is processed, the platform uses parseRequestBody() to determine whether to invoke a file upload parser or a regular body parser. If multipart/form-data is specified, uploaded files are parsed and stored in req.body.files.However, researchers found that certain file-handling functions are executed without verifying the Content-Type header. As a result, attackers can override req.body.files even when no file upload is present.“Since this function is called without verifying the content type is ‘multipart/form-data,’ we control the entire req.body.files object,” Attias explained. This allows an attacker to copy any local file from the server instead of an uploaded file, exposing sensitive system data to downstream workflow nodes.
n8n Vulnerability Enables Admin Bypass and Remote Code Execution
The impact of CVE-2026-21858 extends beyond arbitrary file reads. Researchers demonstrated how attackers could escalate the flaw into a full system compromise. By abusing the n8n vulnerability, a threat actor could read the internal SQLite database at /home/node/.n8n/database.sqlite, extract administrator credentials, and then retrieve encryption secrets from /home/node/.n8n/config.Using this information, attackers could forge a valid admin session cookie, bypass authentication, and gain full administrative access. From there, they could create a malicious workflow containing an “Execute Command” node, achieving remote code execution on the host system.Cyera warned that the centralized nature of n8n significantly amplifies the risk. “A compromised n8n instance doesn’t just mean losing one system; it means handing attackers the keys to everything,” the company said, citing stored API credentials, OAuth tokens, and database connections as high-value targets.
Patch Status and Mitigations for CVE-2026-21858
The n8n vulnerability affects all versions up to and including 1.65.0 and was patched in version 1.121.0, released on November 18, 2025. Users are strongly urged to upgrade to a fixed or newer release, such as versions 1.123.10, 2.1.5, 2.2.4, or 2.3.0.As additional mitigations, administrators are advised to avoid exposing n8n instances to the internet, enforce authentications for all Forms, and restrict or disable publicly accessible n8n webhook and form endpoints until patches can be applied.The disclosure of CVE-2026-21858 follows several other critical issues in n8n, including CVE-2025-68668 and CVE-2025-68613, highlighting the need for rigorous security controls around automation platforms that manage sensitive integrations and credentials.
The Cyber Security Agency of Singapore (CSA) has issued a high-priority alert warning organizations and system administrators about a critical security vulnerability affecting SmarterMail, an enterprise email and collaboration platform developed by SmarterTools. The flaw, tracked as CVE-2025-52691, carries the highest possible severity rating and could allow attackers to execute arbitrary code remotely without authentication.According to CSA, the vulnerability has been assigned a Common Vulnerability Scoring System (CVSS v3.1) score of 10.0, reflecting its potential for widespread and severe impact. The issue arises from an arbitrary file upload weakness that could be exploited by unauthenticated attackers to upload files to any directory on a vulnerable mail server.“Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution,” CSA said in its advisory.
Technical Details and Potential Attack Scenarios for CVE-2025-52691
The vulnerability identified as CVE-2025-52691 affects SmarterMail versions Build 9406 and earlier. At its core, the flaw allows arbitrary file uploads, a class of vulnerability that can be especially dangerous in server-side applications. If a malicious file type is uploaded and automatically processed by the application environment, it may be interpreted as executable code.CSA noted that this behavior could pave the way for remote code execution, particularly if an attacker uploads a script or binary file that the server is capable of executing. For example, malicious web shells or binaries could be placed on the server and run with the same privileges as the SmarterMail service itself.In a hypothetical attack scenario outlined by CSA, a threat actor could leverage this weakness to establish persistent access to the mail server. From there, attackers could potentially exfiltrate sensitive data, deploy additional malware, or use the compromised system as a foothold to move laterally within an organization’s network. The absence of any authentication requirement lowers the barrier to exploitation.
Affected Versions and Recommended Mitigation
CSA confirmed that SmarterMail Build 9406 and earlier are vulnerable to exploitation. To mitigate the risk, SmarterTools has released security updates addressing the issue. The vulnerability was fixed in SmarterMail Build 9413, which was released on October 9, 2025.“Users and administrators of affected product versions are advised to update to SmarterMail version Build 9413 immediately,” CSA stated in its bulletin.While Build 9413 resolves CVE-2025-52691, CSA further recommends upgrading to the latest available release for improved security posture. As of the advisory, the most recent version is SmarterMail Build 9483, released on December 18, 2025. Although the agency noted that there is no indication of active exploitation in the wild, timely patching is advised to reduce exposure.
Discovery, Disclosure, and Broader Impact
CSA credited Chua Meng Han from the Centre for Strategic Infocomm Technologies (CSIT) for discovering and responsibly reporting the vulnerability. The agency also acknowledged SmarterTools Inc. for its cooperation during the coordinated disclosure and remediation process.While CSA has not reported any confirmed in-the-wild exploitation of CVE-2025-52691, the agency made clear that unauthenticated remote code execution flaws pose a serious and immediate risk. Organizations running SmarterMail should treat this vulnerability as a high priority, apply the required updates without delay, and actively review systems for signs of unauthorized file uploads or suspicious activity.To stay protected from vulnerabilities like CVE-2025-52691, organizations need continuous visibility into new cyber threats and real-world exploitation risks. Cyble helps security teams monitor critical vulnerabilities, track attacker activity, and prioritize remediation through AI-powered threat intelligence.Gain early insight into high-risk vulnerabilities, attacker tactics, and exposed assets with Cyble’s AI-native threat intelligence platform.Book a free demo to strengthen your vulnerability response and reduce risk before threats escalate.
Login
