AI description
CVE-2025-62726 is a remote code execution vulnerability affecting the Git Node component of n8n, an open-source workflow automation platform. This vulnerability exists in both Cloud and Self-Hosted versions of n8n prior to version 1.113.0. The vulnerability can be exploited if a malicious actor clones a remote repository containing a pre-commit hook. Subsequently, using the Commit operation in the Git Node can inadvertently trigger the execution of this hook. This could allow the attacker to execute arbitrary code within the n8n environment, potentially compromising the system.
- Description
- n8n is an open source workflow automation platform. Prior to 1.113.0, a remote code execution vulnerability exists in the Git Node component available in both Cloud and Self-Hosted versions of n8n. When a malicious actor clones a remote repository containing a pre-commit hook, the subsequent use of the Commit operation in the Git Node can inadvertently trigger the hook’s execution. This allows attackers to execute arbitrary code within the n8n environment, potentially compromising the system and any connected credentials or workflows. This vulnerability is fixed in 1.113.0.
- Source
- security-advisories@github.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- security-advisories@github.com
- CWE-829
- Hype score
- Not currently trending
🚨 New plugin: N8nPlugin (CVE-2025-68613, CVE-2025-65964, CVE-2025-62726). n8n Workflow Automation multiple vulnerabilities detection. Results: https://t.co/GvJen2HstB https://t.co/rDYWed4haO
@leak_ix
26 Dec 2025
2109 Impressions
4 Retweets
14 Likes
7 Bookmarks
1 Reply
0 Quotes
n8n Vulnerable to Remote Code Execution via Git Node Pre-Commit Hook · CVE-2025-62726 · GitHub Advisory Database https://t.co/TowMU14q7m
@pHo9UBenaA
1 Nov 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
n8n Git Node RCE Exposes Critical Risk CVE-2025-62726 lets attackers run arbitrary code via Git node in n8n. Immediate patching is a must for all hosts. For more details, read ZeroPath's blog on this vuln. #AppSec #InfoSec #n8n https://t.co/uUfpbYn1HT
@ZeroPathLabs
30 Oct 2025
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-62726: HIGH] Cybersecurity alert: n8n workflow automation platform had a remote code execution vulnerability in Git Node up to v1.113.0. Update to protect from potential attacks.#cve,CVE-2025-62726,#cybersecurity https://t.co/MLILkaJfm8 https://t.co/H3PbHR3S76
@CveFindCom
30 Oct 2025
57 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-62726 pertains to a **remote code execution (RCE)** vulnerability present in **n8n**, an open-source workflow automation platform, specifically affecting versions prior to 1.113.0. The flaw resides within the **Git Node** component, which allows users to interact with
@CveTodo
30 Oct 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-62726 n8n is an open source workflow automation platform. Prior to 1.113.0, a remote code execution vulnerability exists in the Git Node component available in both Cloud a… https://t.co/vO9mda9lWz
@CVEnew
30 Oct 2025
177 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes