Critical n8n Vulnerability Let Attackers Achieve Remote Code Execution

A critical security flaw has been identified in n8n, a widely used open-source workflow automation platform. This vulnerability exposes host servers to Remote Code Execution (RCE) attacks.

Tracked as CVE-2026-33660, this critical vulnerability allows authenticated threat actors to bypass built-in security restrictions, access sensitive data, and ultimately compromise the entire underlying host instance.

AlaSQL Sandbox Escape

The core of the vulnerability resides within the “Merge” node of n8n workflows, specifically when users activate the “Combine by SQL” mode.

n8n uses an AlaSQL sandbox to execute these SQL operations safely. However, security researchers discovered that this sandbox fails to restrict specific SQL statements adequately.

Because the application improperly controls the generation of code from externally influenced input (CWE-94: Code Injection), attackers can feed malicious instructions through the node.

If an attacker has the baseline permission to create or modify workflows, they can exploit this sandbox escape to read local files directly from the n8n host system.

From there, they can easily escalate the attack to execute arbitrary code remotely, gaining deep administrative access to the server infrastructure.

Earning a Critical severity rating across both CVSS 3.1 and CVSS 4.0 frameworks, CVE-2026-33660 represents a severe risk to enterprise automation environments.

The attack vector is strictly network-based and features low attack complexity. Most concerningly, the exploit requires no user interaction and relies only on low-level privileges.

Once an attacker breaches any account capable of workflow editing, they can pivot to full server takeover, compromising system confidentiality, integrity, and availability.

The n8n development team has officially addressed the issue in their latest releases on GitHub. Security teams and system administrators are strongly urged to update their instances immediately to prevent exploitation.

If immediate patching disrupts business operations, administrators must deploy temporary mitigations to reduce exposure.

Organizations should audit user access and strictly limit workflow creation and modification permissions to fully trusted personnel only.

Furthermore, administrators can turn off the vulnerable component entirely by appending n8n-nodes-base.merge to the NODES_EXCLUDE environment variable.

While these workarounds offer short-term protection, n8n warns that they do not fully eliminate the risk. Applying the official patches remains the only permanent remediation strategy against this threat.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.