CVE-2026-27577 | n8n-io n8n up to 1.123.21/2.9.2/2.10.0 Expressions code injection (GHSA-v98v-ff95-f3cp)

A vulnerability labeled as critical has been found in n8n-io n8n up to 1.123.21/2.9.2/2.10.0. This affects an unknown part of the component Expressions Handler. The manipulation results in code injection.

This vulnerability is known as CVE-2026-27577. It is possible to launch the attack remotely. No exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More