Cyber Resilience

CVE-2026-25115

Critical

Published: 04 February 2026

Published
04 February 2026
Modified
05 February 2026
KEV Added
Patch
CVSS Score v4 9.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0053 40.4th percentile
Risk Priority 70 floored blend · peak EPSS

Summary

CVE-2026-25115 is a critical-severity Protection Mechanism Failure (CWE-693) vulnerability in N8N N8N. Its CVSS base score is 9.4 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Python (T1059.006); ranked at the 40.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-39 (Process Isolation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-25115 is a critical vulnerability (CVSS 9.9, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H) affecting n8n, an open-source workflow automation platform. Prior to version 2.4.8, the Python Code node contains a flaw (CWE-693) that enables breakout from the intended Python sandbox environment, allowing execution of code beyond the security boundary.

Authenticated users with low privileges can exploit this vulnerability remotely over the network with low complexity and no user interaction required. Successful exploitation grants attackers the ability to execute arbitrary code with high impact on confidentiality, integrity, and availability, particularly due to the changed scope (S:C).

The n8n security advisory at https://github.com/n8n-io/n8n/security/advisories/GHSA-8398-gmmx-564h confirms the issue has been addressed in version 2.4.8, recommending immediate upgrades for affected installations.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

n8n is an open source workflow automation platform. Prior to version 2.4.8, a vulnerability in the Python Code node allows authenticated users to break out of the Python sandbox environment and execute code outside the intended security boundary. This issue…

more

has been patched in version 2.4.8.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1059.006 Python Execution
Adversaries may abuse Python commands and scripts for execution.
T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Sandbox escape in Python Code node directly enables arbitrary Python execution (T1059.006) by authenticated remote users; scope-changing RCE from low privileges maps to exploitation for privilege escalation (T1068) and public-facing application exploitation (T1190).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-25056Same product: N8N N8N
CVE-2026-27494Same product: N8N N8N
CVE-2026-42231Same product: N8N N8N
CVE-2026-33665Same product: N8N N8N
CVE-2026-27495Same product: N8N N8N
CVE-2026-25049Same product: N8N N8N
CVE-2026-33749Same product: N8N N8N
CVE-2026-21877Same product: N8N N8N
CVE-2026-25055Same product: N8N N8N
CVE-2026-1470Same product: N8N N8N

Affected Assets

n8n
n8n
≤ 2.4.8

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires timely remediation of identified software flaws, directly addressing the Python sandbox escape vulnerability in n8n by mandating patching to version 2.4.8.

prevent

Mandates maintaining separate execution domains for processes, directly preventing breakout from the Python Code node's sandbox environment.

prevent

Limits privileges of the n8n process to the minimum necessary, reducing the impact of arbitrary code execution even if sandbox escape occurs.

References