n8n vulnerability reported, fixes and mitigations available
Summary
A critical sandbox-bypass vulnerability was reported in n8n's Python Code Node that could allow users with workflow editing permissions to run code on the host; the issue was fixed in n8n v1.111.0 and task-runner Python isolation is the default in v2.0.0.
Content
n8n published an advisory describing a critical vulnerability in its Python Code Node, which executed user-supplied Python in a browser-based Python runtime. The advisory describes the flaw as a sandbox bypass that lets a user with workflow editing permissions execute code on the system running n8n. The issue is tracked as CVE-2025-68668 and is rated critical severity. The vendor released a software update to address it.
What is known:
- The Python Code Node's browser-based runtime contained a sandbox bypass: a user who can edit a workflow's Python code could execute commands with the same privileges as the n8n process.
- The flaw is identified as CVE-2025-68668 and is rated critical in the advisory.
- The advisory states the vulnerability was fixed in n8n v1.111.0, and that a task-runner native Python isolation model was introduced and made the default in v2.0.0. It also lists configuration options and feature toggles for environments that cannot upgrade immediately.
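The two facts a responder needs from the points above are the version boundaries (fixed in 1.111.0, isolation on by default from 2.0.0) and which workflows actually carry the affected component. The script below is an added triage example, not code from n8n or from the advisory. It assumes the shape of an n8n workflow export (a `nodes` array, Code nodes typed `n8n-nodes-base.code`, with `parameters.language == "python"` marking a Python node); that shape is not stated on this page, and the sample workflows are constructed inline.

```python
"""Triage helper for CVE-2025-68668 (n8n Python Code Node sandbox bypass).

Added example, not n8n's own code. Check 1: compare an instance version against
the fixed release (1.111.0) and the release where task-runner Python isolation
became the default (2.0.0). Check 2: list Python Code nodes in exported
workflows, since those are the component the advisory names and the users who
can edit them are the ones the flaw concerns.
"""
import json
import re
from dataclasses import dataclass

FIXED_VERSION = (1, 111, 0)     # fix shipped here, per the advisory
ISOLATION_DEFAULT = (2, 0, 0)   # task-runner Python isolation default from here

# Assumed: n8n version strings look like "1.110.2", "v1.111.0" or "2.0.0-rc1".
_VER_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> tuple:
    """Parse a version string into a comparable (major, minor, patch) tuple.
    A pre-release suffix such as '-rc1' is ignored, so a release candidate is
    treated like the release it precedes."""
    m = _VER_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised n8n version string: {text!r}")
    return tuple(int(x) for x in m.groups())


def assess_version(text: str) -> str:
    """'vulnerable' below 1.111.0, 'patched' below 2.0.0, else 'patched+isolated'."""
    v = parse_version(text)
    if v < FIXED_VERSION:
        return "vulnerable"
    if v < ISOLATION_DEFAULT:
        return "patched"
    return "patched+isolated"


@dataclass
class PythonCodeNode:
    workflow: str
    node: str


CODE_NODE_TYPE = "n8n-nodes-base.code"   # assumed n8n Code node type identifier


def find_python_code_nodes(workflow_json: str) -> list:
    """Return every Code node in one exported workflow whose language is Python.
    Assumed export shape: {"name": ..., "nodes": [{"name", "type", "parameters"}]}."""
    wf = json.loads(workflow_json)
    hits = []
    for node in wf.get("nodes", []):
        if node.get("type") != CODE_NODE_TYPE:
            continue
        if node.get("parameters", {}).get("language") == "python":
            hits.append(PythonCodeNode(wf.get("name", "?"), node.get("name", "?")))
    return hits


def triage(version: str, workflows: list) -> dict:
    """Combine both checks into one report for an instance and its exports."""
    status = assess_version(version)
    hits = [h for wf in workflows for h in find_python_code_nodes(wf)]
    if status == "vulnerable":
        action = "upgrade to n8n >= 1.111.0"
    elif status == "patched":
        action = "fixed; 2.0.0 makes task-runner Python isolation the default"
    else:
        action = "no action required for this issue"
    return {
        "version": version,
        "status": status,
        "python_code_nodes": [(h.workflow, h.node) for h in hits],
        "action": action,
    }


# Constructed sample exports: one workflow with a Python Code node, one with a
# JavaScript Code node (no "language" key, which the example treats as non-Python).
SAMPLE_WORKFLOWS = [
    json.dumps({"name": "Invoice sync", "nodes": [
        {"name": "Webhook", "type": "n8n-nodes-base.webhook", "parameters": {}},
        {"name": "Reshape", "type": CODE_NODE_TYPE,
         "parameters": {"language": "python", "pythonCode": "return _input.all()"}},
    ]}),
    json.dumps({"name": "Daily report", "nodes": [
        {"name": "Format", "type": CODE_NODE_TYPE,
         "parameters": {"jsCode": "return $input.all();"}},
    ]}),
]

if __name__ == "__main__":
    print(json.dumps(triage("1.109.0", SAMPLE_WORKFLOWS), indent=2))
```

Run it against real exports by replacing `SAMPLE_WORKFLOWS` with the JSON files from your instance; a "vulnerable" status with a non-empty `python_code_nodes` list is the case the advisory is about, and the owners of those workflows are the users whose editing rights matter until the upgrade lands.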
Summary:
The advisory reports a critical sandbox bypass in the Python Code Node; a fix has been released in v1.111.0, and a more isolated task-runner model is the default in the v2.0.0 major release. Further details were not available at the time of writing.
