Hacking Homebrew ThreatCon Bravo: n8n (npm) Critical Vulnerability 5 February 2026

  • Thread starter Thread starter impeeza
  • Start date Start date
  • Views Views 561
  • Replies Replies 2

impeeza

¡Kabito!
Member
Joined
Apr 5, 2011
Messages
10,617
Solutions
3
Reaction score
31,627
Trophies
6
Age
48
Location
At my chair.
XP
40,115
Country
Colombia
1770320517801.png

Attention: All Developers

n8n has released a security advisory addressing a new Expression Escape critical vulnerability in its open-source workflow automation platform, which could lead to remote code execution.

Tracked as CVE-2026-25049, this vulnerability could allow an authenticated user with permission to create or modify workflows which could abuse crafted expressions in workflow parameters to trigger unintended system command execution on the host running n8n.

In its security advisory n8n state: “Additional exploits in the expression evaluation of n8n have been identified and patched following CVE-2025-68613 -n8n security advisory.”

CVE-2026-25049 bypasses the fixes implemented for CVE-2025-68613 for which an Alpha ThreatCon Advisory was released on 23 December 2025.

Platform(s) and Version(s) Affected:
 
Isn't this the thing that hijacked notepad++ recently too?
I do not know, this is about the workflow of NPN some attacker can hijack your libraries.

on Notepad++ whas a man in the middle attack which hijacked the download URL for upgrades and because Notepad++ did not check the downloaded files a malware can be injected.
 

Site & Scene News

Popular threads in this forum