A critical security vulnerability has been identified in the n8n workflow automation platform, which could allow for arbitrary code execution. This vulnerability, designated as CVE-2025-68613, has been assigned a CVSS score of 9.9, indicating its severe impact. Discovered by security researcher Fatih Çelik, the flaw affects versions 0.211.0 and above, up to 1.120.4. The vulnerability arises from expressions supplied by authenticated users during workflow configuration being evaluated in an insufficiently isolated execution context, potentially leading to full system compromise.
The n8n platform, with approximately 57,000 weekly downloads, is widely used, and the vulnerability could affect over 103,000 instances globally, with significant concentrations in the U.S., Germany, France, Brazil, and Singapore. The vulnerability has been patched in versions 1.120.4, 1.121.1, and 1.122.0. Users are strongly urged to update to these versions to mitigate the risk of exploitation.
In addition to patching, it is suggested that users limit workflow creation and editing permissions to trusted individuals and deploy n8n in a hardened environment with restricted operating system privileges and network access. These measures can help reduce the risk of unauthorized access and system-level operations being executed by attackers.
The primary threat posed by CVE-2025-68613 is the potential for arbitrary code execution within the n8n workflow automation platform. This vulnerability allows authenticated users to execute code with the same privileges as the n8n process, which could lead to unauthorized access to sensitive data, modification of workflows, and execution of system-level operations. The flaw affects all versions from 0.211.0 up to 1.120.4.
The vulnerability's impact is significant due to the high number of potentially affected instances—over 103,000 globally—and its critical CVSS score of 9.9. Exploitation could result in full compromise of affected systems, making it imperative for users to apply patches promptly.
Clients using the n8n workflow automation platform may face operational disruptions if their systems are compromised due to this vulnerability. Unauthorized access to sensitive data could lead to data breaches, resulting in financial losses and reputational damage. Additionally, clients may encounter regulatory compliance issues if sensitive information is exposed or if system integrity is compromised.
From a compliance perspective, organizations must ensure that they are adhering to relevant data protection regulations and standards. Failure to address this vulnerability could result in audits or penalties due to non-compliance with security requirements.
To mitigate the risks associated with CVE-2025-68613, clients should consider the following actions:
By taking these steps, clients can significantly reduce the risk of exploitation and protect their systems from unauthorized access and potential data breaches.
1898 & Co. is actively monitoring the situation surrounding the n8n vulnerability and is prepared to assist clients in mitigating associated risks. Our team offers services such as vulnerability assessments and patch management to help clients identify and address security gaps promptly.
We are updating our security protocols to incorporate the latest threat intelligence related to this vulnerability and are collaborating with industry partners to share insights and best practices for mitigation. Our ongoing research efforts focus on identifying emerging threats and providing clients with timely information to enhance their security posture.
Clients can rely on our expertise to navigate the complexities of cybersecurity threats like CVE-2025-68613. We provide tailored solutions that align with industry standards and help organizations maintain compliance while safeguarding their critical assets.