Critical security update for n8n available.
Action required: update to latest patch version.
We recently informed you about upcoming patches and security advisories for high- or critical-severity security vulnerabilities in n8n.
These vulnerabilities have been fixed in the following n8n versions:
- 1.x: [fixed version for 1.x]
- 2.x: [fixed version(s) for 2.x]
If you are running a version below the fixed version for your release branch, please upgrade to the applicable fixed version (or later) as soon as possible to protect your instance.
The related security advisories have been published. You can find links to the advisories below:
- CVE-2026-27577 — Expression Sandbox Escape Leading to RCE (Critical) (GHSA-vpcf-gvg4-6qwr)
- CVE-2026-27497 — Remote Code Execution via Merge Node (Critical) (GHSA-wxx7-mcgf-j869)
- CVE-2026-27495 — Sandbox Escape in JavaScript Task Runner (Critical) (GHSA-jjpj-p2wh-qf23)
- CVE-2026-27498 — Arbitrary Command Execution via File Write and Git Operations (Critical) (GHSA-x2mw-7j39-93xq)
- CVE-2026-27493 — Unauthenticated Expression Evaluation via Form Node (High) (GHSA-75g8-rv7v-32f7)
- CVE-2026-27578 — Stored XSS via Various Nodes (High) (GHSA-2p9h-rqjw-gm92)
- CVE-2026-27494 — Arbitrary File Read via Python Code Node Sandbox Escape (High) (GHSA-mmgg-m5j7-f83h)
The information shared here is based on our current knowledge, and we will update you as soon as possible if our guidance changes.
For more information on how we handle vulnerability disclosures, please visit our blog post here: https://blog.n8n.io/how-n8n-handles-vulnerability-disclosure-and-why-we-do-it-this-way/
Best regards,
The n8n Security Team
n8n GmbH, Novalisstraße 10, 10115 Berlin, Germany
©2025 n8n GmbH, all rights reserved