GHSA-365g-vjw2-grx8: 
JavaScript 脆弱性の分析と軽減

The Execute Command node vulnerability in n8n (GHSA-365g-vjw2-grx8) was disclosed on October 8, 2025. This security issue allows authenticated users to execute arbitrary commands on the host system where n8n runs. The vulnerability affects all n8n deployments with the Execute Command node enabled and where not all user accounts are strictly controlled and trusted. It's worth noting that n8n.cloud is not impacted by this vulnerability. The affected versions include n8n <= 1.114.4 and n8n-nodes-base <= 1.113.0 (GitHub Advisory).

The vulnerability has been assigned a CVSS score of 8.8 (High severity) with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. This indicates that the vulnerability can be exploited over the network, requires low attack complexity, needs low privileges, and requires no user interaction. The vulnerability is classified as CWE-78 (Improper Neutralization of Special Elements used in an OS Command) and CWE-284 (Improper Access Control) (GitHub Advisory).

The vulnerability's impact is significant as it allows attackers to execute arbitrary commands on the host machine where n8n is running. This could potentially lead to data exfiltration, service disruption, or full system compromise. The vulnerability is particularly concerning in environments where user accounts are not strictly controlled or where a legitimate user account could be compromised (GitHub Advisory).

No code changes have been made to alter the behavior of the Execute Command node. The recommended mitigation is to disable the node by default in environments where it is not explicitly required. Administrators can disable the Execute Command node by setting the environment variable: export NODES_EXCLUDE: "["n8n-nodes-base.executeCommand"]" before starting n8n. Future n8n versions may change the default availability of this node (GitHub Advisory).