Summary
Key Points:
- A critical vulnerability (CVE-2025-68613) in the n8n workflow automation platform allows for arbitrary code execution, posing a severe risk to users.
- The flaw affects all versions from 0.211.0 to below 1.120.4, with approximately 103,476 potentially vulnerable instances identified globally, particularly in the U.S., Germany, France, Brazil, and Singapore.
- Immediate patching to versions 1.120.4, 1.121.1, or 1.122.0 is recommended; if not feasible, restrict workflow permissions and deploy n8n in a hardened environment.
Technical Details: The vulnerability arises from insufficient isolation of expressions supplied by authenticated users during workflow configuration, enabling attackers to execute arbitrary code with the privileges of the n8n process.
MITRE ATT&CK Techniques: None mentioned
IOCs Mentioned:
- CVE-2025-68613
Join the discussion — sign up to comment, upvote, and save articles.