VulnHub

Real-time Cybersecurity News

Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution

The Hacker News
CVEVulnerabilityCritical

Overview

Researchers from JFrog Security Research have identified two significant vulnerabilities in the n8n workflow automation platform. The most critical issue, tracked as CVE-2026-1470, has a CVSS score of 9.9 and involves an eval injection vulnerability that allows authenticated users to execute arbitrary code remotely. This flaw poses a severe risk, as it could potentially enable attackers to manipulate the system and access sensitive data. Users of n8n should take immediate action to secure their installations, especially those who rely on this platform for workflow automation. Prompt updates and monitoring are essential to mitigate risks associated with these vulnerabilities.

Key Takeaways

  • Affected Systems: n8n workflow automation platform, versions not specified
  • Action Required: Users should update to the latest version of n8n to patch the vulnerabilities.
  • Timeline: Newly disclosed

Original Article Summary

Cybersecurity researchers have disclosed two new security flaws in the n8n workflow automation platform, including a crucial vulnerability that could result in remote code execution. The weaknesses, discovered by the JFrog Security Research team, are listed below - CVE-2026-1470 (CVSS score: 9.9) - An eval injection vulnerability that could allow an authenticated user to bypass the Expression

Impact

n8n workflow automation platform, versions not specified

Exploitation Status

No active exploitation has been reported at this time. However, organizations should still apply patches promptly as proof-of-concept code may exist.

Timeline

Newly disclosed

Remediation

Users should update to the latest version of n8n to patch the vulnerabilities. Regularly review user permissions and limit access to the system to reduce risk.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to CVE, Vulnerability, Critical.

Read Original Article

Related Coverage

Cairncross: Industry crucial in shaping US cybersecurity strategy

SCM feed for Latest

The U.S. government is seeking greater collaboration with the private sector to improve its cybersecurity measures. National Cyber Director Sean Cairncross emphasized the need for businesses to assist in developing stronger cybersecurity regulations and enhancing information-sharing practices. This initiative is part of a broader national strategy aimed at addressing the increasing cyber threats facing the nation. By working together, the government and industry can create a more secure digital environment for all Americans. This partnership is crucial as cyberattacks become more sophisticated and frequent, affecting various sectors.

Feb 5, 2026

Expert says CISA silently fixing bugs could be a problem

SCM feed for Latest

The Cybersecurity and Infrastructure Security Agency (CISA) has been updating software vulnerabilities related to ransomware without notifying cybersecurity defenders, as pointed out by Glenn Thorpe of GreyNoise. This lack of transparency could lead to missed ransomware intrusions, as defenders may not be aware of the vulnerabilities that have been patched. The updates affected numerous software vulnerabilities last year, raising concerns about the potential risks for organizations relying on these systems. The situation emphasizes the need for better communication between CISA and cybersecurity professionals to ensure that all parties are informed about critical updates that could impact security posture.

Feb 5, 2026

Misconfiguration exposes billions of Chinese records

SCM feed for Latest

A significant data breach has occurred due to an unsecured Elasticsearch cluster, exposing over 8.7 billion records related to Chinese citizens. This incident is one of the largest data spills linked to the open-source search and analytics tool. The exposed data includes sensitive information, raising serious concerns regarding privacy and security for those affected. Researchers are warning that such massive leaks could lead to identity theft and other malicious activities. It's crucial for organizations using Elasticsearch to ensure their configurations are secure to prevent similar incidents in the future.

Feb 5, 2026

Hackers compromise NGINX servers to redirect user traffic

BleepingComputer

Hackers are targeting NGINX servers in a campaign that reroutes user traffic through their own infrastructure. This attack compromises the servers, allowing the perpetrators to intercept and manipulate the data being transmitted. Affected users may experience altered content or be redirected to malicious sites without their knowledge. The incident raises concerns about the security of NGINX, a widely used web server software, and the potential for significant data breaches. Organizations using NGINX should take immediate precautions to safeguard their systems and ensure that their configurations are secure to prevent such hijacking.

Feb 4, 2026

Critical n8n flaws disclosed along with public exploits

BleepingComputer

Researchers have identified multiple serious vulnerabilities in n8n, a widely used open-source workflow automation platform. These flaws could enable attackers to escape the security measures of the software, potentially giving them complete control over the host server. This poses a significant risk to users, especially those running n8n in production environments. If exploited, these vulnerabilities could lead to unauthorized access and data breaches, impacting businesses that rely on n8n for automation tasks. Users are strongly advised to assess their systems and implement necessary security measures as soon as possible.

Feb 4, 2026

Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring

Security Affairs

Rui-Siang Lin, a 24-year-old Taiwanese man, has been sentenced to 30 years in prison for his role in operating Incognito Market, a significant darknet drug marketplace. This platform facilitated the sale of over one ton of illegal drugs, amounting to more than $105 million in transactions. Lin was found guilty of various charges, including conspiracy to distribute narcotics. The case illustrates the ongoing challenges law enforcement faces in combating illicit online drug trade and underscores the risks associated with the anonymity provided by darknet platforms. The long sentence reflects the severity of his actions and serves as a warning to others involved in similar activities.

Feb 4, 2026