CVE-2026-27495

Description

n8n has a Sandbox Escape in its JavaScript Task Runner

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• https://github.com/n8n-io/n8n/security/advisories/GHSA-jjpj-p2wh-qf23
• https://nvd.nist.gov/vuln/detail/CVE-2026-27495
• https://docs.n8n.io/hosting/configuration/task-runners
• https://github.com/n8n-io/n8n
• https://github.com/n8n-io/n8n/releases/tag/n8n@1.123.22
• https://github.com/n8n-io/n8n/releases/tag/n8n@2.10.1
• https://github.com/n8n-io/n8n/releases/tag/n8n@2.9.3