RCE vulnerability in n8n
- Feb 12
- 1 min read
What this means (non-technical)
This issue appears when certain code patterns inside Code nodes attempt to access system-level features that should normally be restricted.
Examples include reading environment variables directly or loading system modules meant for file or process control. Such patterns can break out of the safety boundaries n8n intends for Code nodes.
What usually goes wrong
If malicious or unsafe code is introduced into a workflow, it may:
Access sensitive server environment variables.
Read or modify files on the server.
Execute system commands.
In the worst case, the n8n server itself can be taken over.
Even if no attack occurs, importing workflows from untrusted sources without reviewing Code nodes can introduce hidden risks.
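As an added example (not from the original article), here is a small review script that scans an exported n8n workflow JSON for Code nodes that use the patterns described above, so they can be inspected before the workflow is imported. It assumes the export format places Code nodes under type n8n-nodes-base.code with the script in parameters.jsCode; the sample workflow and pattern list are constructed for illustration.

```javascript
// Review helper (added example, not n8n's own code): flag Code nodes in an
// exported workflow that touch environment variables or load modules meant
// for file or process control, as described in the article.
// Assumption: exported nodes have type "n8n-nodes-base.code" and keep their
// JavaScript in parameters.jsCode.

// Constructed pattern list; extend it to match your own review policy.
const RISKY_PATTERNS = [
  { id: "env-access", re: /\bprocess\.env\b/ },
  { id: "module-load", re: /\b(?:require|import)\s*\(\s*['"](?:node:)?(?:fs|child_process)['"]\s*\)/ },
];

// Returns one finding per (node, pattern) hit; an empty array means nothing to review.
function findRiskyCodeNodes(workflow) {
  const findings = [];
  for (const node of workflow.nodes || []) {
    if (node.type !== "n8n-nodes-base.code") continue;
    const code = (node.parameters && node.parameters.jsCode) || "";
    for (const { id, re } of RISKY_PATTERNS) {
      const match = code.match(re);
      if (match) findings.push({ node: node.name, pattern: id, snippet: match[0] });
    }
  }
  return findings;
}

// Constructed sample export: one benign Code node, one that needs review,
// and a non-Code node that is ignored.
const SAMPLE_WORKFLOW = {
  name: "imported-from-third-party",
  nodes: [
    { name: "Format", type: "n8n-nodes-base.code",
      parameters: { jsCode: "return $input.all().map(i => ({ json: { ok: true } }));" } },
    { name: "Helper", type: "n8n-nodes-base.code",
      parameters: { jsCode: "const cp = require('child_process'); const k = process.env.DB_PASSWORD; return [];" } },
    { name: "HTTP", type: "n8n-nodes-base.httpRequest", parameters: {} },
  ],
};

// Print the review report for the sample workflow.
console.log(JSON.stringify(findRiskyCodeNodes(SAMPLE_WORKFLOW), null, 2));
```

Run it against a real export (for example, the JSON from n8n's workflow download) by replacing SAMPLE_WORKFLOW with the parsed file; any finding is a node to read line by line before importing.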
When this becomes urgent
This becomes urgent when:
You import workflows from third parties.
Multiple users can create or edit Code nodes.
Your n8n instance runs in a shared or production environment.
The server has access to sensitive internal systems.
The more connected your n8n instance is, the greater the potential impact.
Definitions
Code node: An n8n node that allows custom JavaScript or TypeScript.
Environment variables: Server-level configuration values that often contain secrets like database passwords or API keys.
Sandbox: A restricted execution environment designed to limit what code can access.
Disclaimer
This article highlights common patterns and risks seen in real-world n8n workflows. It’s meant to help you build more confidently and avoid surprises as your automation grows. Behavior can vary depending on your setup, version, and configuration.