n8n has a Guardrail Node Bypass

Impact

An end user interacting with a workflow that uses the Guardrail node could craft an input that bypasses the default guardrail instructions.

Patches

The issue has been fixed in n8n version 2.10.0. Users should upgrade to this version or later to remediate the vulnerability.

Workarounds

If upgrading is not immediately possible, administrators should consider the following temporary mitigations:

• Limit access to trusted users.
• Review asses the practical impact of guardrail bypasses in your usecase and adjust your workflow accordingly.

These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.