Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances

Source: The Hacker News

Author: info@thehackernews.com (The Hacker News)

URL: https://thehackernews.com/2025/12/critical-n8n-flaw-cvss-99-enables.html

ONE SENTENCE SUMMARY:

A critical vulnerability in n8n could allow arbitrary code execution, affecting many global instances, and requiring urgent patch updates.

MAIN POINTS:

1. The vulnerability in n8n has a CVSS score of 9.9.
2. It was discovered by security researcher Fatih Çelik.
3. The issue affects versions from 0.211.0 to below 1.120.4.
4. Exploitation allows attackers to execute arbitrary code.
5. Successful attacks can compromise the entire n8n instance.
6. Over 103,476 instances are potentially vulnerable.
7. Instances are primarily in the U.S., Germany, France, Brazil, and Singapore.
8. The flaw has been patched in versions 1.120.4, 1.121.1, and 1.122.0.
9. Users must update immediately to protect their systems.
10. Temporary mitigation includes restricting user permissions and securing the environment.

TAKEAWAYS:

1. Update n8n to a patched version immediately.
2. Recognize the high severity of CVE-2025-68613.
3. Limit workflow permissions to trusted users only.
4. Deploy n8n in a secure, isolated environment.
5. Stay informed about global instances that might be at risk.