Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Sat, 04 Jul 2026 01:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The Execute Command node in n8n allows authenticated users to execute arbitrary commands on the host system where n8n runs. Attackers with user access or compromised credentials can exploit this node to run malicious commands, potentially leading to data exfiltration, service disruption, or complete system compromise. | |
| Title | n8n - Arbitrary Command Execution via Execute Command Node | |
| First Time appeared |
N8n
N8n n8n |
|
| Weaknesses | CWE-284 | |
| CPEs | cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:* | |
| Vendors & Products |
N8n
N8n n8n |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: VulnCheck
Published:
Updated: 2026-07-04T01:23:42.800Z
Reserved: 2026-06-20T13:11:44.728Z
Link: CVE-2025-71380
No data.
No data.
No data.
OpenCVE Enrichment
No data.