Ghostwire

CVE-2025-71380: The Execute Command node in n8n allows authenticated users to execute arbitrary commands on the host system where n8n...

HIGH CVSS 8.8 Exploit Available

Published: July 4, 2026 | Last Modified: July 4, 2026

Description

The Execute Command node in n8n allows authenticated users to execute arbitrary commands on the host system where n8n runs. Attackers with user access or compromised credentials can exploit this node to run malicious commands, potentially leading to data exfiltration, service disruption, or complete system compromise.

Ghostwire Analysis — What This Means Practically

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

References