A critical n8n flaw has been discovered - here's how to stay safe
techradar.com
- CVE-2025-68668 in n8n’s Python Code Node enables arbitrary system command execution
- Attackers with workflow permissions can bypass Pyodide sandbox, risking malware, data theft, and system compromise
- Fixed in n8n v1.111.0; v2.0.0 defaults to secure task-runner Python isolation
A critical-severity vulnerability was recently found in n8n, allowing threat actors to run arbitrary code on the underlying system.
n8n is an open-source workflow automation platform that lets users connect apps, APIs, and services to automate tasks without heavy coding. It allows users to build visual workflows that move data between tools, trigger actions, and run custom logic.
In a security advisory posted on GitHub, it was confirmed that a sandbox bypass vulnerability existed in the Python Code Node that uses Pyodide, a Python runtime for the browser and other JavaScript environments.

