Alaqsl — CraftedSignal Threat Feedhttps://feed.craftedsignal.io/tags/alaqsl/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioThu, 26 Mar 2026 12:00:00 +0000n8n Merge Node AlaSQL Injection Vulnerabilityhttps://feed.craftedsignal.io/briefs/2026-03-n8n-rce/Thu, 26 Mar 2026 12:00:00 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-n8n-rce/An authenticated user with workflow creation/modification permissions can exploit insufficient restrictions in the n8n Merge node's AlaSQL sandbox to achieve remote code execution by reading local files or executing commands on the n8n host.A critical remote code execution vulnerability has been identified in n8n, a popular workflow automation tool. Specifically, the vulnerability resides within the Merge node’s “Combine by SQL” mode. Versions of n8n prior to 2.14.1, 2.13.3, and 1.123.27 are affected. An authenticated user with the ability to create or modify workflows can leverage the AlaSQL sandbox’s insufficient input sanitization to inject malicious SQL code. This allows the attacker to potentially read arbitrary local files from the n8n host or execute arbitrary commands, leading to full system compromise. This vulnerability poses a significant risk to organizations using n8n, as it allows attackers to gain unauthorized access and control over their systems and data.

Attack Chain

  1. An attacker authenticates to the n8n instance with user account having workflow creation/modification permissions.
  2. The attacker creates or modifies an existing workflow.
  3. The attacker adds a Merge node to the workflow and sets its mode to “Combine by SQL”.
  4. The attacker crafts a malicious SQL query within the Merge node’s SQL configuration, taking advantage of insufficient input validation in the AlaSQL sandbox. The SQL query may attempt to read sensitive files from the file system, for example, /etc/passwd or application configuration files.
  5. The malicious SQL query executes when the workflow is triggered, potentially reading files from the n8n server.
  6. Alternatively, the malicious SQL query could execute commands via the SYSTEM function or other methods available through AlaSQL, leading to remote code execution on the n8n host.
  7. If successful, the attacker gains control of the n8n process.
  8. The attacker uses the compromised n8n instance to pivot to other systems on the network, steal sensitive data, or disrupt services.

Impact

Successful exploitation of this vulnerability allows an attacker to execute arbitrary code on the n8n server. This can lead to complete system compromise, including the ability to steal sensitive data, install malware, or disrupt services. The number of affected n8n instances is currently unknown, but given the popularity of the platform in various sectors, the potential impact is widespread. Organizations using vulnerable versions of n8n are at high risk of data breaches, financial losses, and reputational damage.

Recommendation

  • Upgrade n8n to version 2.14.1, 2.13.3, 1.123.27 or later to patch CVE-2026-33660.
  • If upgrading is not immediately feasible, limit workflow creation and editing permissions to only fully trusted users as a short-term mitigation (reference Overview).
  • As an alternative temporary workaround, disable the Merge node by adding n8n-nodes-base.merge to the NODES_EXCLUDE environment variable (reference Overview).
  • Monitor n8n application logs for suspicious SQL queries or other anomalous activity originating from the Merge node (create custom detection logic based on observed AlaSQL activity).
]]>criticaladvisoryn8nrcealaqslinjection