N8n Vulnerabilities Could Lead to Remote Code Execution
securityweek
Two critical- and high-severity vulnerabilities in the n8n AI workflow automation platform could allow attackers to execute arbitrary code remotely, JFrog reports.
The issues, tracked as CVE-2026-1470 (CVSS score of 9.9) and CVE-2026-0863 (CVSS score of 8.5), impacted n8n’s sandbox mechanism and could be abused via weaknesses in the Abstract Syntax Tree (AST) sanitization logic.
CVE-2026-1470, JFrog notes, was discovered in the expression evaluation engine and could allow attackers to execute arbitrary JavaScript code.
N8n uses an AST-based sandbox to validate JavaScript input and neutralize potentially dangerous nodes before execution. Several validation layers have been implemented to mitigate known JavaScript sandbox escape vectors.
However, because the AST parser still supports a deprecated statement, an attacker can supply an identifier that allows them to achieve arbitrary code execution in n8n’s main node.
This allows an attacker to completely take over the n8n instance, JFrog says.
CVE-2026-0863, the ...