GHSA-365g-vjw2-grx8: n8n: Execute Command Node Allows Authenticated Users to Run Arbitrary Commands on Host
The Execute Command node in n8n allows execution of arbitrary commands on the host system where n8n runs. While this functionality is intended for advanced automation and can be useful in certain workflows, it poses a security risk if all users with access to the n8n instance are not fully trusted.
An attacker—either a malicious user or someone who has compromised a legitimate user account—could exploit this node to run arbitrary commands on the host machine, potentially leading to data exfiltration, service disruption, or full system compromise.
This vulnerability affects all n8n deployments where:
- The
Execute Commandnode is enabled, and - Not all user accounts are strictly controlled and trusted.
n8n.cloud is not impacted.
References
Code Behaviors & Features
Detect and mitigate GHSA-365g-vjw2-grx8 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →