GHSA-FVFV-PPW4-7H2W: n8n Guardrail Bypass: When AI Safety Rails Are Made of Paper

n8n Guardrail Bypass: When AI Safety Rails Are Made of Paper Vulnerability ID: GHSA-FVFV-PPW4-7H2W CVSS Score: 6.5 Published: 2026-02-26 A logic flaw in n8n's Guardrail node allows attackers to bypass AI safety checks using prompt injection. By exploiting weak delimiters and permissive schema validation, malicious inputs can coerce the underlying LLM into approving prohibited content. TL;DR The Guardrail node in n8n, designed to filter bad inputs using LLMs, failed to separate system instructions from user data properly. Attackers can use simple prompt injection techniques to override safety rules and force the node to return a 'safe' verdict. Fixed in version 2.10.0. ⚠️ Exploit Status: POC Technical Details CWE ID : CWE-20 Attack Vector : Network (Prompt Injection) CVSS Score : 6.5 (Medium) Impact : Security Control Bypass Affected Component : Guardrail Node (LangChain) Exploit Status : PoC Available Affected Systems n8n automation platform n8n : < 2.10.0 (Fixed in: 2.10.0 ) Code Anal

GHSA-FVFV-PPW4-7H2W: n8n Guardrail Bypass: When AI Safety Rails Are Made of Paper

Related Articles

The Decision Pattern That Prevents Product–Engineering Conflict

Autopilot

The Most Important Skill in Software Engineering Isn’t Coding

New interstellar hunting with Vera Rubin alerts

R: A Language for Data Analysis and Graphics (1996)

Related Articles

News
The Decision Pattern That Prevents Product–Engineering Conflict
Medium Programming • 2d ago

News
Autopilot
Medium Programming • 2d ago

News
The Most Important Skill in Software Engineering Isn’t Coding
Medium Programming • 2d ago

News
New interstellar hunting with Vera Rubin alerts
Medium Programming • 2d ago

News
R: A Language for Data Analysis and Graphics (1996)
Lobsters • 2d ago