Product
CVE-2025-71380 is an improper access control vulnerability (CWE-284) in n8n versions up to and including 1.114.4 that allows authenticated users to execute arbitrary commands on the underlying host system where n8n runs, potentially leading to data exfiltration, service disruption, or complete system compromise.