Urgent Security Alert: CVSS 9.9 Flaw in n8n Allows Arbitrary Code Execution on Thousands of Instances

Admin


A serious security issue has come to light in the n8n workflow automation platform. The vulnerability, tracked as CVE-2025-68613, can allow attackers to execute arbitrary code under certain conditions. It carries a CVSS score of 9.9 out of 10, which reflects its severity.

According to recent data, n8n sees around 57,000 downloads each week. The maintainers have warned that authenticated users may inadvertently supply expressions during workflow configuration, which could be evaluated in a less secure environment. This exposes the system to potential exploitation.

Experts in cybersecurity stress the importance of addressing vulnerabilities quickly. A senior security analyst shared, “Timely updates are crucial for protecting user data and system integrity.” If exploited, this flaw could allow attackers to access sensitive information, alter workflows, and execute commands with n8n’s privileges.

The vulnerability affects versions 0.211.0 up to, but not including, 1.120.4. Users should upgrade to versions 1.120.4, 1.121.1, or 1.122.0, which contain the necessary patches. Statistics from Censys indicate there are currently over 103,476 potentially vulnerable instances, with many located in countries like the U.S., Germany, and Brazil.
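To triage an inventory against the version range above, the following added example (not code from n8n or from the original article) classifies each instance by its reported version. The hostnames and versions are constructed sample data, and the "verify" status for 1.121.0 is an assumption inferred from 1.121.1 being listed as a fixed release.

```python
import re

# Bounds and fixed releases exactly as stated in the article.
FIRST_AFFECTED = (0, 211, 0)
FIRST_FIXED = (1, 120, 4)
FIXED_RELEASES = [(1, 120, 4), (1, 121, 1), (1, 122, 0)]

# Strict MAJOR.MINOR.PATCH only. Tags such as "latest" or pre-release
# suffixes are reported as "unknown" rather than guessed at.
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)$")


def parse_version(text):
    match = _VERSION_RE.match(text.strip())
    return tuple(int(part) for part in match.groups()) if match else None


def classify(version_text):
    version = parse_version(version_text)
    if version is None:
        return "unknown"        # resolve the real version by hand
    if version < FIRST_AFFECTED:
        return "not-in-range"   # older than the first affected release
    if version < FIRST_FIXED:
        return "affected"       # upgrade, or restrict workflow editing
    # Assumption: a release that precedes the listed fix on its own
    # minor line (1.121.0 vs 1.121.1) may lack the patch; check it
    # against the vendor advisory instead of treating it as safe.
    for fixed in FIXED_RELEASES:
        if version[:2] == fixed[:2] and version < fixed:
            return "verify"
    return "patched"


def triage(inventory):
    """Group hostnames by status so affected hosts can be handled first."""
    report = {}
    for host, version in sorted(inventory.items()):
        report.setdefault(classify(version), []).append(host)
    return report


# Constructed inventory: hostname -> version reported by the instance.
SAMPLE_INVENTORY = {
    "automation-01.example.internal": "1.119.2",
    "automation-02.example.internal": "v1.120.4",
    "automation-03.example.internal": "1.121.0",
    "automation-04.example.internal": "0.210.2",
    "automation-05.example.internal": "latest",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status}: {', '.join(hosts)}")
```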

Given the risk, users are urged to update their software promptly. If an immediate update is not possible, restrict workflow editing to trusted users only. Running n8n in a secure environment with limited access can also help reduce exposure to this threat. Vulnerabilities like this one are a reminder of the ongoing need for vigilance in cybersecurity to protect users' data and privacy.


