CNNVD-202601-4558 Information

CNNVD ID

CNNVD-202601-4558

Related CVE

CVE-2026-1470

• CNNVD Published: 2026-01-27

Description (Chinese)

n8n是n8n开源的一个可扩展的工作流自动化工具。 n8n存在安全漏洞，该漏洞源于工作流表达式评估系统隔离不足，可能导致远程代码执行。

Description (English)

n8n is an expanded workflow automation tool for n8n open source. There is a security loophole in n8n, which stems from inadequate isolation of the workflow expression assessment system, which may lead to remote code implementation.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

n8n

Published

2026-01-27

Last Modified

2026-02-24

References

https://github.com/n8n-io/n8n/commit/aa4d1e5825829182afa0ad5b81f602638f55fa04 https://research.jfrog.com/vulnerabilities/n8n-expression-node-rce/ https://access.redhat.com/security/cve/cve-2026-1470

Patch

https://github.com/n8n-io/n8n/releases