AI description
CVE-2025-68668 is a vulnerability that affects n8n, an open-source workflow automation platform. Specifically, it is a sandbox bypass vulnerability found in the Python Code Node that utilizes Pyodide. This vulnerability exists in n8n versions from 1.0.0 to before 2.0.0. An authenticated user with the permission to create or modify workflows can exploit this vulnerability to execute arbitrary commands on the host system running n8n. The attacker can execute commands with the same privileges as the n8n process. This issue has been patched in version 2.0.0. Workarounds include disabling the Code Node or Python support, or configuring n8n to use the task runner-based Python sandbox.
- Description: n8n is an open source workflow automation platform. From version 1.0.0 to before 2.0.0, a sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide. An authenticated user with permission to create or modify workflows can exploit this vulnerability to execute arbitrary commands on the host system running n8n, using the same privileges as the n8n process. This issue has been patched in version 2.0.0. Workarounds for this issue involve disabling the Code Node by setting the environment variable NODES_EXCLUDE: "[\"n8n-nodes-base.code\"]", disabling Python support in the Code node by setting the environment variable N8N_PYTHON_ENABLED=false, which was introduced in n8n version 1.104.0, and configuring n8n to use the task runner based Python sandbox via the N8N_RUNNERS_ENABLED and N8N_NATIVE_PYTHON_RUNNER environment variables.
- Source: security-advisories@github.com
- NVD status: Modified
- Products: n8n
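An exposure check built from the version range and workarounds in the description above. This is an added example, not code from n8n or the advisory; it assumes the two runner variables are enabled with the value "true", that N8N_PYTHON_ENABLED has no effect before 1.104.0, and the fleet entries are constructed sample data.

```python
import json

FIRST_AFFECTED, FIXED = (1, 0, 0), (2, 0, 0)   # affected range from the advisory
PYTHON_FLAG_SINCE = (1, 104, 0)                # N8N_PYTHON_ENABLED introduced here
CODE_NODE = "n8n-nodes-base.code"

def parse_version(text):
    """'v1.104.2' -> (1, 104, 2). Pre-release/build suffixes are ignored."""
    core = text.strip().lstrip("v").split("-")[0].split("+")[0]
    parts = [int(p) for p in core.split(".")]
    return tuple((parts + [0, 0, 0])[:3])

def is_true(value):
    # Assumption: the runner variables are switched on with the string "true".
    return str(value).strip().lower() == "true"

def assess(version, env):
    """Return (status, reasons) for one n8n instance and its environment."""
    v = parse_version(version)
    if not (FIRST_AFFECTED <= v < FIXED):
        return "not affected", ["version outside 1.0.0 <= v < 2.0.0"]
    reasons = []
    try:
        excluded = json.loads(env.get("NODES_EXCLUDE", "[]"))
    except json.JSONDecodeError:
        excluded = []                          # unparsable value excludes nothing
    if isinstance(excluded, list) and CODE_NODE in excluded:
        reasons.append("Code Node disabled via NODES_EXCLUDE")
    # Assumption: the flag has no effect on releases that predate it.
    if v >= PYTHON_FLAG_SINCE and env.get("N8N_PYTHON_ENABLED", "").strip().lower() == "false":
        reasons.append("Python disabled via N8N_PYTHON_ENABLED=false")
    if is_true(env.get("N8N_RUNNERS_ENABLED")) and is_true(env.get("N8N_NATIVE_PYTHON_RUNNER")):
        reasons.append("task runner based Python sandbox configured")
    if reasons:
        return "mitigated", reasons
    return "vulnerable", ["affected version with no workaround set; upgrade to 2.0.0"]

# Constructed sample inventory: (instance name, n8n version, environment).
SAMPLE_FLEET = [
    ("prod", "1.98.2", {"N8N_PYTHON_ENABLED": "false"}),
    ("staging", "1.110.1", {"NODES_EXCLUDE": '["n8n-nodes-base.code"]'}),
    ("lab", "2.0.0", {}),
]

if __name__ == "__main__":
    for name, version, env in SAMPLE_FLEET:
        status, reasons = assess(version, env)
        print(f"{name:8} {version:9} {status:13} {'; '.join(reasons)}")
```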
CVSS 3.1
- Type: Primary
- Base score: 9.9
- Impact score: 6
- Exploitability score: 3.1
- Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
- Severity: CRITICAL
- security-advisories@github.com: CWE-693
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score: 10
🚨 We are warning of a critical vulnerability in n8n, CVE-2025-68668. This vulnerability allows an authenticated attacker with permission to create or modify workflows to bypass the sandbox restrictions in the Python Code Node (which uses Pyodide) and run arbitrary system
@GOVCERT_CZ
7 Jan 2026
237 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨Alert🚨:CVE-2025-68668 (CVSS 9.9) : New n8n Vulnerability Lets Authenticated Users Execute System Commands. 🧐Deep Dive :https://t.co/tJASkiYDgA 📊933.9K Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/4egX4O40LN 👇Query HUNTER :
@HunterMapping
7 Jan 2026
3121 Impressions
18 Retweets
66 Likes
22 Bookmarks
0 Replies
1 Quote
🚨n8n vulnerability Priority Alert for DevOps & Automation teams: A 9.9/10 Critical vulnerability (CVE-2025-68668) has just hit n8n. If you’re self-hosting, patch NOW. Full technical breakdown here: https://t.co/z5S3K5yFdi https://t.co/gcMuddOGoD
@cvedatabase
6 Jan 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical vulnerability in n8n allows command execution: A serious flaw in n8n (CVE-2025-68668) allows authenticated users to execute arbitrary commands on the system, affecting versions up to 2.0.0; updating to 2.0.0 fixes the problem. https://t.co/PQbhov27FC
@caveiratech
6 Jan 2026
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical security vulnerability has been discovered in the open-source workflow automation platform n8n that allows authenticated attackers to run arbitrary system commands on the
@Teeegra
6 Jan 2026
2203 Impressions
1 Retweet
20 Likes
3 Bookmarks
0 Replies
0 Quotes
A critical flaw (CVE-2025-68668) in n8n versions before 2.0.0 allows authenticated users to bypass the Python Code Node sandbox and execute arbitrary system commands. Fixed in v2.0.0. #n8nSecurity #CodeExecution #CVE2025 https://t.co/nC4eymAs7j
@TweetThreatNews
6 Jan 2026
47 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
📢 𝐇𝐨𝐭 𝐨𝐟𝐟 𝐭𝐡𝐞 𝐩𝐫𝐞𝐬𝐬: 𝐂𝐕𝐄 𝐢𝐧𝐬𝐢𝐠𝐡𝐭𝐬! Inside CVE-2025-68668: Learn how this critical n8n automation flaw lets attackers bypass sandbox defenses to gain OS-level access. 🌐 Explore the write-up → https
@PurpleOps_io
6 Jan 2026
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical vulnerability (CVSS 9.9) tracked as CVE-2025-68668 has been disclosed in the n8n workflow automation platform. Authorized users can perform arbitrary command execution on the system. The issue stems from a protection mechanism failure. https://t.co/leR1BdZE7c
@err_cod
6 Jan 2026
105 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical n8n vulnerability (CVE-2025-68668) rated CVSS 9.9 allows authenticated users to run arbitrary system commands on the host. Patch released. Update immediately or disable vulnerable nodes. Link in pinned comment. What’s your take on automation platform security? https:
@TechNadu
6 Jan 2026
72 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
A critical flaw in n8n workflow automation (CVE-2025-68668) allows authenticated users to execute arbitrary system commands. Update to version 2.0.0 immediately. https://t.co/ndG1ogczw7 #CyberSecurity #n8nSecurity #RCE #PythonExploit #VulnerabilityAlert #Infosec #Pyodide https
@redsecuretech
6 Jan 2026
46 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
A critical sandbox-bypass vulnerability (CVE-2025-68668, CVSS: 9.9) has been discovered in n8n. Authenticated attackers can run arbitrary commands on the server. All n8n users should update immediately. #SiberGuvenlik #CVE #Exploit https://t.co/6h19uuzftl
@osmanmuratgul
6 Jan 2026
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New n8n critical vulnerability CVE-2025-68668 https://t.co/re21Kvytst #infosec
@allaboutclait
6 Jan 2026
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical security vulnerability in n8n! Authenticated users can execute system commands 🔒 CVE-2025-68668 scored 9.9 CVSS. Protection mechanism failed! Update now! #n8n #SecurityVulnerability #CVSS9.9 🛡️ Read more: https://t.co/bbNreIVb7w
@HackingRabbitS
6 Jan 2026
213 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
1 Quote
🚨 Critical Alert: A new n8n vulnerability (CVE-2025-68668, CVSS 9.9) allows authenticated users to execute system commands via a sandbox bypass. If you run n8n < 2.0.0, patch NOW. 👉 Full breakdown & mitigations below. https://t.co/gT2GzyFo0B #CyberSecurity #DevOps
@FindSecCyber
6 Jan 2026
71 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 N8n users, buckle up! CVE-2025-68668 is a wild ride. Authenticated users can system command via workflows? That's like giving your keys to a valet and they go joyriding on your server! 🚗💨 Patch immediately if you're 1.x! https://t.co/jehHXRQMVx #N8n #CVE #InfoSec
@zench4n
6 Jan 2026
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-68668 dropped! 😮 Looks like some software thought it was a good idea to accept ANY old input. It's like leaving your digital front door unlocked with a "come on in!" sign. Patch up, folks! 🔒 Read more: https://t.co/jehHXRQMVx #CyberSecurity #CVE #Vulnerability
@zench4n
6 Jan 2026
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical flaw (CVE-2025-68668, CVSS 9.9) in n8n allows the execution of system commands. Urgent update required. #Cybersecurity #Vulnerability https://t.co/1QtkEonpM4 @TheHackersNews
@cyberwatcher_
6 Jan 2026
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 A critical sandbox vulnerability (CVE-2025-68668; CVSS 9.9) in n8n's python code node allows authenticated users to execute arbitrary commands on the target system. I've created a vulnerability script here: https://t.co/Urp4ucjPFX In n8n version 1.111.0, a task-runner-base
@rxerium
6 Jan 2026
14653 Impressions
53 Retweets
260 Likes
106 Bookmarks
3 Replies
0 Quotes
N8n patched a critical flaw (CVE-2025-68668) in its workflow automation platform that let authenticated users run system commands on the host via a Python sandbox bypass. The bug affects versions 1.0.0–<2.0.0 and is fixed in 2.0.0. 💖38 9 https://t.co/SHUCVdII7f
@MillyWinbu51816
6 Jan 2026
18 Impressions
2 Retweets
2 Likes
0 Bookmarks
9 Replies
0 Quotes
📌 A serious security vulnerability has been disclosed in the n8n automation platform, allowing authenticated attackers to execute arbitrary system commands. The vulnerability is tracked as CVE-2025-68668 and received a score of 9.9 in
@Cybercachear
6 Jan 2026
78 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Popular workflow automation platform n8n disclosed a critical flaw that lets authenticated users with workflow edit rights execute OS commands on the host. Tracked as CVE-2025-68668, the issue carries a CVSS score of 9.9. 🔗 Details here → https://t.co/M4YcSAP9Ip
@TheHackersNews
6 Jan 2026
12410 Impressions
46 Retweets
93 Likes
23 Bookmarks
4 Replies
1 Quote
CVE-2025-68668 poses a serious threat to n8n users! This vulnerability allows for sandbox bypass, risking your workflows. Know your risks and read our insights here: https://t.co/HwhmOeI5gR #n8n #Cybersecurity #Vulnerability
@Smart_NFT2
2 Jan 2026
33 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 n8n [—] Jan 01, 2026 Comprehensive security advisory on critical vulnerabilities, including CVE-2025-68613 and CVE-2025-68668, impacting the n8n workflow automation platform. Aimed at informing enterprise operators, administrators, and integrators about risks, impacts, and
@transilienceai
1 Jan 2026
110 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
n8n-io/n8n is vulnerable to arbitrary command execution (CVE-2025-68668) via its Pyodide-based Python Code Node. #n8n #RCE #infosec https://t.co/XTpRkcb4ey
@pulsepatchio
27 Dec 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-68668 n8n is an open source workflow automation platform. From version 1.0.0 to before 2.0.0, a sandbox bypass vulnerability exists in the Python Code Node that uses Pyodid… https://t.co/Re51s5LsNQ
@CVEnew
27 Dec 2025
97 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CRITICAL: n8n-io n8n (v1.0.0–<2.0.0) has a sandbox bypass bug—CVE-2025-68668. Auth'd users with workflow perms can run arbitrary commands! Patch to v2.0.0 ASAP. Details: https://t.co/Kz1LQRlSl3 #OffSeq #n8n ... https://t.co/wU5plmEUtF
@offseq
27 Dec 2025
67 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
[CVE-2025-68668: CRITICAL] Critical security update for n8n workflow automation platform! A vulnerability allows execution of arbitrary commands pre-2.0.0. Update to version 2.0.0 to stay secure.#cve,CVE-2025-68668,#cybersecurity https://t.co/oPKtUt0lOt https://t.co/CpQeSKgE8e
@CveFindCom
26 Dec 2025
72 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-68668 Authenticated Sandbox Bypass in n8n Python Code Node Leading to Remote Code Execution https://t.co/N4JBZNafLE
@VulmonFeeds
26 Dec 2025
82 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🔴 CVE-2025-68668 - Critical n8n is an open source workflow automation platform. From version 1.0.0 to before 2.0.0, a sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide. An authenticated u... https://t.co/0msUnUAK7V https://t.co/nRsOJg4IJY
@TheHackerWire
26 Dec 2025
74 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF192A40-40BB-4836-836D-D8FBF2694556",
            "versionEndExcluding": "2.0.0",
            "versionStartIncluding": "1.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]