CVE-2026-27493
Published: 25 February 2026
Description
n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, a second-order expression injection vulnerability existed in n8n's Form nodes that could allow an unauthenticated attacker to inject and evaluate arbitrary n8n expressions by submitting crafted form data. When chained with an expression sandbox escape, this could escalate to remote code execution on the n8n host. The vulnerability requires a specific workflow configuration to be exploitable. First, a form node with a field interpolating a value provided by an unauthenticated user, e.g. a form submitted value. Second, the field value must begin with an `=` character, which caused n8n to treat it as an expression and triggered a double-evaluation of the field content. There is no practical reason for a workflow designer to prefix a field with `=` intentionally — the character is not rendered in the output, so the result would not match the designer's expectations. If added accidentally, it would be noticeable and very unlikely to persist. An unauthenticated attacker would need to either know about this specific circumstance on a target instance or discover a matching form by chance. Even when the preconditions are met, the expression injection alone is limited to data accessible within the n8n expression context. Escalation to remote code execution requires chaining with a separate sandbox escape vulnerability. The issue has been fixed in n8n versions 2.10.1, 2.9.3, and 1.123.22. Users should upgrade to one of these versions or later to remediate the vulnerability. If upgrading is not immediately possible, administrators should consider the following temporary mitigations. Review usage of form nodes manually for the above-mentioned preconditions, disable the Form node by adding `n8n-nodes-base.form` to the `NODES_EXCLUDE` environment variable, and/or disable the Form Trigger node by adding `n8n-nodes-base.formTrigger` to the `NODES_EXCLUDE` environment variable. These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.
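The first temporary mitigation above is a manual review of workflows for the two preconditions (a Form or Form Trigger node whose field value starts with `=` and interpolates incoming data). The script below is an added example, not code from n8n or from the advisory: it walks an exported workflow JSON (the `nodes[].type` / `nodes[].parameters` layout of an n8n export) and lists every string parameter of a Form node that is expression-typed, noting whether the expression also reads incoming item data. The sample export, and the `formFields` parameter names inside it, are constructed for illustration; the scanner does not depend on those names, only on the leading `=` and the node types named in the advisory.

```python
import json

# Node types named in the advisory as the affected components.
FORM_NODE_TYPES = {"n8n-nodes-base.form", "n8n-nodes-base.formTrigger"}

# Constructed sample export: a Form Trigger feeding a Form node whose field
# label is expression-typed (leading "=") and interpolates submitted data.
# The "formFields" parameter names are assumed for illustration only.
SAMPLE_WORKFLOW = json.dumps({
    "nodes": [
        {"name": "Form Trigger", "type": "n8n-nodes-base.formTrigger",
         "parameters": {"formTitle": "Contact", "formFields": {"values": [
             {"fieldLabel": "Name", "fieldType": "text"}]}}},
        {"name": "Confirm", "type": "n8n-nodes-base.form",
         "parameters": {"formTitle": "Thanks", "formFields": {"values": [
             {"fieldLabel": "=Hello {{ $json.Name }}", "fieldType": "text"},
             {"fieldLabel": "Static label", "fieldType": "text"}]}}},
        # A non-form node with an expression: out of scope for this advisory.
        {"name": "Set", "type": "n8n-nodes-base.set",
         "parameters": {"value": "={{ $json.Name }}"}},
    ],
    "connections": {},
})


def _strings(value, path=""):
    """Yield (json_path, string) for every string nested under value."""
    if isinstance(value, str):
        yield path, value
    elif isinstance(value, dict):
        for k, v in value.items():
            yield from _strings(v, f"{path}.{k}")
    elif isinstance(value, list):
        for i, v in enumerate(value):
            yield from _strings(v, f"{path}[{i}]")


def find_expression_fields(workflow_json: str) -> list:
    """Return Form-node parameters that are expression-typed (leading '=').

    Each hit records whether the expression also reads incoming item data
    ($json, $input or $('Node')), i.e. whether user-submitted values could be
    interpolated into it. Both preconditions together are what the advisory
    describes; a hit is a review lead, not proof of exploitability.
    """
    hits = []
    for node in json.loads(workflow_json).get("nodes", []):
        if node.get("type") not in FORM_NODE_TYPES:
            continue
        for path, s in _strings(node.get("parameters", {})):
            if not s.startswith("="):
                continue
            hits.append({
                "node": node.get("name"),
                "type": node["type"],
                "parameter": path.lstrip("."),
                "value": s,
                "interpolates_input": any(t in s for t in ("$json", "$input", "$(")),
            })
    return hits


if __name__ == "__main__":
    for h in find_expression_fields(SAMPLE_WORKFLOW):
        flag = "REVIEW" if h["interpolates_input"] else "note"
        print(f"[{flag}] {h['node']} ({h['type']}) {h['parameter']} = {h['value']!r}")
```

Run it against each workflow exported from the instance; a `REVIEW` line is exactly the configuration the advisory describes and should be corrected (drop the leading `=` or stop interpolating untrusted input) even after upgrading, since the designer almost certainly did not intend it.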
Mitigating Controls (NIST 800-53 r5) [AI]
Requires timely remediation of known flaws, such as upgrading vulnerable n8n instances to versions 2.10.1, 2.9.3, or 1.123.22 (or later) to eliminate the expression injection vulnerability.
Mandates validation and sanitization of unauthenticated form inputs so that crafted data interpolated into an expression-typed (`=`-prefixed) form field cannot be evaluated a second time as an n8n expression.
Restricts the Form and Form Trigger nodes via the NODES_EXCLUDE environment variable (`n8n-nodes-base.form`, `n8n-nodes-base.formTrigger`) to remove the configuration-dependent attack surface.
Security Summary [AI]
CVE-2026-27493 is a second-order expression injection vulnerability in n8n, an open source workflow automation platform. It affects Form nodes in versions prior to 2.10.1, 2.9.3, and 1.123.22. The flaw arises when a form node field interpolates a value from an unauthenticated user submission and that field's configured value begins with an equals sign (=), causing n8n to treat the field as an expression and evaluate its content a second time after interpolation. This allows injection and evaluation of arbitrary n8n expressions within the platform's expression context.
An unauthenticated attacker can exploit this by submitting crafted form data to a vulnerable n8n instance hosting a workflow with the specific preconditions: a form node field that interpolates unauthenticated input and whose configured value carries a leading = that marks it as an expression. Discovery of such a form requires either prior knowledge of the target configuration or chance enumeration, as intentional prefixing with = is unlikely and noticeable to workflow designers. While the injection is confined to data accessible in the n8n expression context, chaining it with a separate expression sandbox escape vulnerability can escalate to remote code execution on the n8n host. The CVSS v3.1 score is 9.0 (AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H), reflecting high impact under constrained conditions.
The vulnerability is fixed in n8n versions 2.10.1, 2.9.3, and 1.123.22, and users are advised to upgrade immediately. Temporary mitigations include manually reviewing form node usage for the preconditions, disabling the Form node by adding "n8n-nodes-base.form" to the NODES_EXCLUDE environment variable, or disabling the Form Trigger node by adding "n8n-nodes-base.formTrigger" to it. These workarounds are short-term only and do not fully eliminate the risk. Details are available in the fixing commit, related GitHub issue, and release notes for the patched versions.
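Two of the remediation steps in this summary are easy to get wrong by hand: deciding whether a given n8n version predates the fix on its release line (three fixed versions cover three lines), and extending an existing NODES_EXCLUDE value without clobbering node types it already lists. The helpers below are an added example, not n8n's code: `is_affected` encodes the three fixed versions from the advisory, and `nodes_exclude_value` builds the variable's value as a JSON array string, which is the format n8n documents for NODES_EXCLUDE (verify against the documentation for your release). The example version strings in the test are constructed.

```python
import json
import re
from typing import Optional, Tuple

# Fixed versions named in the advisory: 1.x is fixed at 1.123.22, the 2.x line
# at 2.9.3, and the 2.10.x line at 2.10.1. Anything below the fix on its own
# line is affected.
FIX_1X = (1, 123, 22)
FIX_2X = (2, 9, 3)
FIX_210 = (2, 10, 1)

# Node types the advisory names for the NODES_EXCLUDE workaround.
AFFECTED_NODE_TYPES = ["n8n-nodes-base.form", "n8n-nodes-base.formTrigger"]


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse 'v1.2.3' / '1.2.3' / '1.2.3-rc.1' into a comparable int tuple."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)(?:[-+].*)?", text.strip())
    if not m:
        raise ValueError(f"unrecognised n8n version string: {text!r}")
    major, minor, patch = (int(p) for p in m.groups())
    return (major, minor, patch)


def is_affected(version: str) -> bool:
    """True if the n8n version predates the fix on its release line."""
    v = parse_version(version)
    if v[0] < 2:
        return v < FIX_1X            # 0.x and 1.x up to 1.123.21
    if v[0] == 2:
        if v[:2] == (2, 10):
            return v < FIX_210       # 2.10.0 only
        return v < FIX_2X            # 2.0.0 .. 2.9.2; 2.11+ is post-fix
    return False                     # later major lines ship the fix


def nodes_exclude_value(existing: Optional[str] = None) -> str:
    """Return a NODES_EXCLUDE value that keeps already-excluded node types
    and adds the two Form node types, without duplicates."""
    current = json.loads(existing) if existing else []
    if not isinstance(current, list):
        raise ValueError("NODES_EXCLUDE must be a JSON array of node type names")
    merged = list(dict.fromkeys(current + AFFECTED_NODE_TYPES))
    return json.dumps(merged)


if __name__ == "__main__":
    for ver in ("1.123.21", "1.123.22", "2.8.5", "2.9.3", "2.10.0", "2.10.1"):
        print(f"{ver:>9}: {'AFFECTED' if is_affected(ver) else 'fixed'}")
    # Shell-ready line; the single quotes protect the JSON for the n8n process.
    print(f"export NODES_EXCLUDE='{nodes_exclude_value()}'")
```

Remember that the NODES_EXCLUDE workaround disables every workflow that uses those nodes, including legitimate ones, and that the advisory treats it only as a stopgap until the upgrade lands.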
MITRE ATT&CK Enterprise Techniques [AI]
Why these techniques?
The vulnerability enables unauthenticated exploitation of a public-facing n8n workflow application (T1190) via second-order expression/template injection (T1221), allowing arbitrary expression evaluation in the platform context.