AI description
CVE-2025-68613 is a Remote Code Execution (RCE) vulnerability found in n8n, an open-source workflow automation platform. The vulnerability exists in versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0. It stems from the workflow expression evaluation system, where expressions supplied by authenticated users during workflow configuration might be evaluated in an execution context lacking sufficient isolation from the underlying runtime. An authenticated attacker could exploit this vulnerability to execute arbitrary code with the privileges of the n8n process. Successful exploitation could lead to full compromise of the affected instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations. The issue has been fixed in versions 1.120.4, 1.121.1, and 1.122.0.
- Description: n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulnerability in their workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An authenticated attacker could abuse this behavior to execute arbitrary code with the privileges of the n8n process. Successful exploitation may lead to full compromise of the affected instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations. This issue has been fixed in versions 1.120.4, 1.121.1, and 1.122.0. Users are strongly advised to upgrade to a patched version, which introduces additional safeguards to restrict expression evaluation. If upgrading is not immediately possible, administrators should consider the following temporary mitigations: Limit workflow creation and editing permissions to fully trusted users only; and/or deploy n8n in a hardened environment with restricted operating system privileges and network access to reduce the impact of potential exploitation. These workarounds do not fully eliminate the risk and should only be used as short-term measures.
- Source: security-advisories@github.com
- NVD status: Awaiting Analysis
CVSS 3.1
- Type: Secondary
- Base score: 9.9
- Impact score: 6
- Exploitability score: 3.1
- Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
- Severity: CRITICAL
- security-advisories@github.com
- CWE-913
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score: 54
CVE-2025-68613 Authenticated Remote Code Execution (RCE) in n8n Workflow Automation Platform Link: https://t.co/AnOWAuNBMu #n8nworkflowautomation #rcen8nworkflow #exploitn8nworkflow #n8n #redteam https://t.co/3KCiJAwOdY
@_havij
24 Dec 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
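It seems a serious #vulnerability (CVE-2025-68613) with CVSS 9.9 has been found in #n8n... Apparently authenticated users can execute code at will... which is very dangerous... Promptly, to a fixed version such as v1.120.4 / 1.121.1 / 1.122.0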
@CCE7
24 Dec 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CRITICAL ALERT: n8n Users A CVSS 9.9 severity flaw (CVE-2025-68613) has been disclosed in n8n. The vulnerability allows authenticated users to escape the sandbox and execute arbitrary code (RCE) on the host server. If you self-host, your infrastructure is at risk. ⚠️
@FORTRES_AD
24 Dec 2025
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical RCE in n8n (CVE-2025-68613, CVSS 9.9) allows authenticated attackers to execute arbitrary code via expression injection. If you're running n8n, patch immediately! Nuclei detection template (community-contributed): https://t.co/XDgq7adfW7 #cybersecurity #CVE #n8n
@Manikandanbas03
24 Dec 2025
55 Impressions
1 Retweet
1 Like
1 Bookmark
0 Replies
0 Quotes
Vulnerability in n8n that allows RCE by authenticated users (CVE-2025-68613) https://t.co/0PS9PzHTVy #セキュリティ対策Lab #セキュリティ #Security #サイバー攻撃
@securityLab_jp
24 Dec 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical RCE in n8n: CVE-2025-68613 (CVSS 9.9) https://t.co/Kh2E2datee #Security #セキュリティー #ニュース
@SecureShield_
24 Dec 2025
66 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
A critical flaw in the n8n automation platform, tracked as CVE-2025-68613 with a CVSS score of 9.9, could allow authenticated attackers to execute arbitrary code, risking full system compromise; users are urged to upgrade immediately. #Cybersecurity https://t.co/J3cixPdWjN
@Cyber_O51NT
24 Dec 2025
45 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical n8n flaw (CVE-2025-68613, CVSS 9.9) enables arbitrary code execution across over 100,000 instances worldwide, affecting versions 0.211.0 to 1.120.4. Patched updates available. #n8nBug #RemoteCodeExec #USA https://t.co/5JnuwpTJEZ
@TweetThreatNews
23 Dec 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical alert for n8n users ⚠️ CVE-2025-68613 (CVSS 9.9) lets authenticated users run arbitrary code on versions 0.211.0-1.120.3. Update to 1.120.4+ or 1.121.1/1.122.0 now. If patching isn't possible, limit who can edit workflows and isolate your n8n instance. https://t.co
@superman_space
23 Dec 2025
82 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ ALERT — A critical RCE flaw (CVSS 9.9) was found in the n8n workflow automation platform. CVE-2025-68613 lets authenticated users execute arbitrary code, enabling full instance takeover, data access, and system-level actions. More than 103k exposed instances are observed
@topboykrepta
23 Dec 2025
88 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical security vulnerability has been disclosed in the n8n workflow automation platform which, if successfully exploited, can lead to arbitrary code execution. This vulnerability
@Teeegra
23 Dec 2025
866 Impressions
1 Retweet
17 Likes
0 Bookmarks
0 Replies
0 Quotes
#n8n CVE-2025-68613 - User can execute code with the privileges of the n8n process. Exploitation can lead to compromise of the instance, including access to sensitive data, modification of workflows, and execution of system-level operations. https://t.co/gaY1ucgXSy
@wallofsheep
23 Dec 2025
145 Impressions
1 Retweet
3 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical RCE flaw CVE-2025-68613 in n8n automation platform exposes 103,000+ instances globally, enabling authenticated code execution via workflow expressions. CVSS 9.9. #Vulnerability https://t.co/1csnPcC7Vb
@threatcluster
23 Dec 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-68613: Critical n8n Bug Enables Arbitrary Code Execution #CyberSecurity #cyashadotcom #KIITNanhiPari https://t.co/7DpgWK70zg
@cyashadotcom
23 Dec 2025
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-68613: 103,000+ n8n Instances Exposed to Critical 9.9 RCE Exploit Read the full report on - https://t.co/4GZi1NMLdS https://t.co/Cb69lpz1J6
@Iambivash007
23 Dec 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
GitHub - wioui/n8n-CVE-2025-68613-exploit: CVE-2025-68613: n8n RCE vulnerability exploit and documentation - https://t.co/6OvbuDbFzi
@piedpiper1616
23 Dec 2025
1692 Impressions
10 Retweets
32 Likes
20 Bookmarks
0 Replies
0 Quotes
📝 Critical vulnerability in n8n allows remote code execution (CVE-2025-68613) 🔗 https://t.co/bwbguoRYtE #Ciberseguridad
@comfidentia
23 Dec 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical vulnerability in 🔀n8n (CVSS 9.9) allows arbitrary code execution on thousands of instances CVE-2025-68613, CVSS of 9.9 out of a maximum of 10.0 The package has around 57,000 weekly downloads, according to npm statistics https://t.co/T3dJALpp5
@elhackernet
23 Dec 2025
52672 Impressions
122 Retweets
678 Likes
199 Bookmarks
5 Replies
18 Quotes
Critical vulnerability in n8n (CVE-2025-68613, CVSS 9.9) allows arbitrary code execution by authenticated users. Affects versions ≥0.211.0 and <1.120.4. There are more than 100,000 exposed instances. Updating is urgent. https://t.co/qsQjFf8P0f
@citarafy
23 Dec 2025
75 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
#n8n CVE-2025-68613 RCE Exploitation: A Detailed Guide https://t.co/GacL1ny0Nw
@kmkz_security
23 Dec 2025
2585 Impressions
14 Retweets
35 Likes
21 Bookmarks
0 Replies
0 Quotes
Critical #vulnerability in #n8n (CVE-2025-68613) - #RCE with CVSS 9.9 https://t.co/ZprVsQjikz #exploit #CVE #CVSS
@redmountxyz
23 Dec 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical alert in n8n! CVSS 9.9 vulnerability allows code execution 🚨💣 An extremely severe vulnerability (CVE-2025-68613) has been disclosed in the n8n automation platform. With a score of 9.9 out of 10, this flaw allows an attacker to exe
@MineryReport
23 Dec 2025
81 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical 9.9 CVSS flaw (CVE-2025-68613) in n8n platform enables arbitrary code execution across thousands of instances. Update your systems ASAP! 🚨 https://t.co/zlgQLiHzSY #n8n #Cybersecurity #Vulnerability #CodeExecution
@0xT3chn0m4nc3r
23 Dec 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 A critical security vulnerability has been disclosed in the n8n workflow automation platform, allowing arbitrary code execution. The vulnerability, known as CVE-2025-68613, carries a CVSS score of 9.9. The platform enjoys
@Cybercachear
23 Dec 2025
111 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The serious vulnerability CVE-2025-68613, with a severity rating of 9.9, has been published for n8n! An authenticated user can run arbitrary code with n8n's privilege level, which ultimately leads to access to the system
@alisalehiman
23 Dec 2025
2733 Impressions
8 Retweets
76 Likes
17 Bookmarks
1 Reply
1 Quote
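An extremely serious vulnerability has been found in the workflow automation platform n8n. Internal processing may be abused through configuration operations, and depending on the conditions the entire system could be taken over (CVE-2025-68613). With its large scale of use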
@yousukezan
23 Dec 2025
1411 Impressions
2 Retweets
15 Likes
4 Bookmarks
0 Replies
0 Quotes
⚠️ ALERT — A critical RCE flaw (CVSS 9.9) was found in the n8n workflow automation platform. CVE-2025-68613 lets authenticated users execute arbitrary code, enabling full instance takeover, data access, and system-level actions. More than 103k exposed instances are observ
@TheHackersNews
23 Dec 2025
131921 Impressions
182 Retweets
764 Likes
255 Bookmarks
6 Replies
43 Quotes
CVE-2025-68613-POC #exploit #scanner Public PoC + Scanner and research for CVE-2025-68613: Critical RCE in n8n Workflow Automation via Expression Injection (CVSS 10.0). Includes detection tools, full exploit, and remediation guidance. https://t.co/MUPWbgoM9g
@TheExploitLab
23 Dec 2025
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
n8n-CVE-2025-68613-exploit #exploit #scanner CVE-2025-68613: n8n RCE vulnerability exploit and documentation https://t.co/dGmRaWLphi
@TheExploitLab
23 Dec 2025
136 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New critical Remote Code Execution (RCE) vulnerability, with a CVSS score of 10, affecting N8N (CVE-2025-68613) More information: https://t.co/Rt2iu9CryO https://t.co/kTgltRcWzx
@CSIRT_Telconet
23 Dec 2025
111 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-68613 - Critical Remote Code Execution (RCE) Vulnerability in #n8n exploited via SET node, any authenticated user can execute the system command. 💥 https://t.co/vjYjADLsuG
@ransomsec
22 Dec 2025
320 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Alert 🚨: CVE-2025-68613 (CVSS 10.0): A Critical Authenticated Remote Code Execution (RCE) Vulnerability in n8n. This bug allows authenticated users with workflow edit permissions to inject malicious expressions that escape the sandbox and execute arbitrary code on the ser
@chenhshiri
22 Dec 2025
152 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
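Anyone who has deployed n8n to the public internet, take note: a major vulnerability has been disclosed, upgrade as soon as possible. Mine, deployed on GCP, is now shut down. This is not the earlier React vulnerability; it is a new vulnerability specific to n8n. CVE-2025-68613 - expression injection remote code execution. Highest-severity vulnerability | CVSS 10.0/10.0 | Published 19 December 2025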
@wlzh
22 Dec 2025
3374 Impressions
0 Retweets
5 Likes
4 Bookmarks
1 Reply
1 Quote
🚨 CVE-2025-68613 (CVSS 10.0): Discovery of a flaw in n8n of the type Remote Code Execution via Expression Injection A third party can supply malicious expressions that bypass execution isolation to execute arbitrary code with p
@justabreach
22 Dec 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical RCE (CVSS 10) vulnerability affecting n8n instances: CVE-2025-68613 I've created a vulnerability detection script here: https://t.co/oU2JjW5lIy No signs of active exploitation, yet. Patches are available and users are strongly advised to upgrade to version http
@rxerium
22 Dec 2025
31546 Impressions
115 Retweets
524 Likes
270 Bookmarks
4 Replies
5 Quotes
🚨 CVE-2025-68613 (CVSS 10.0): n8n Vulnerable to Remote Code Execution via Expression Injection n8n workflow automation platform is vulnerable to Expression Injection. Authenticated attackers can supply malicious expressions that bypass execution isolation to run arbitrary code
@zoomeye_team
22 Dec 2025
14098 Impressions
41 Retweets
163 Likes
69 Bookmarks
1 Reply
0 Quotes
⚠️⚠️ CVE-2025-68613(CVSS 10.0): Total server compromise, unauthorized data access, and lateral movement 🔗FOFA Link: https://t.co/WAhM7bVfQr 🎯579.5k+ Results are found on the https://t.co/pb16tGXCUG nearly year. FOFA Query: app="n8n" 🔖Refer: https://t.co/hEjMOEqts
@fofabot
22 Dec 2025
13170 Impressions
32 Retweets
117 Likes
69 Bookmarks
2 Replies
1 Quote
🚨Alert🚨:CVE-2025-68613(CVSS 10.0): A Critical Remote Code Execution (RCE) Vulnerability in n8n. 📊905.9K Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/htPYV2VaDy 👇Query HUNTER : https://t.co/q9rtuGfZuz="N8n" https://t.co/ySdtnCA
@HunterMapping
22 Dec 2025
17929 Impressions
78 Retweets
290 Likes
157 Bookmarks
6 Replies
1 Quote
n8n warns of a CVSS 10.0 RCE (CVE-2025-68613) in its expression system. Attackers can seize total server control. Upgrade to v1.122.0 immediately. #n8n #RCE #CyberSecurity #CVE202568613 #Automation #Infosec #DevOps #PatchNow https://t.co/AUoLy3OZYE
@the_yellow_fall
22 Dec 2025
413 Impressions
4 Retweets
11 Likes
4 Bookmarks
0 Replies
0 Quotes
n8n affected by Remote Code Execution via Expression Injection (CVE-2025-68613). Monitor for vendor patches and apply mitigating controls. https://t.co/zB4vdUedVB
@pulsepatchio
20 Dec 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I found a vulnerability in n8n that leads to RCE. Update your instances. Here is the advisory: CVE-2025-68613: https://t.co/Z88Hjt1MBN
@fatihclk01
20 Dec 2025
292 Impressions
1 Retweet
9 Likes
0 Bookmarks
0 Replies
1 Quote
🔴 CVE-2025-68613 - Critical n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulnerability ... https://t.co/YnZlOhiLfA https://t.co/yrusDxqxS6
@TheHackerWire
19 Dec 2025
78 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-68613: CRITICAL] Critical Remote Code Execution (RCE) vulnerability found in n8n versions 0.211.0 to 1.120.4. Upgrade to versions 1.120.4, 1.121.1, or 1.122.0 to patch this security issue.#cve,CVE-2025-68613,#cybersecurity https://t.co/TpHpyUCE4n https://t.co/09GcLvo4eJ
@CveFindCom
19 Dec 2025
99 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes