A critical security flaw has been discovered in the n8n workflow automation platform, allowing authenticated users to execute arbitrary system commands. This vulnerability, rated 9.9 on the CVSS scale, poses a significant risk to organizations relying on n8n for automating business processes and integrating services.

Key Takeaways

• Two critical vulnerabilities (CVE-2025-68668 and CVE-2025-68613) have been disclosed in n8n.

• Both vulnerabilities allow authenticated users to execute arbitrary system commands.

• The flaws affect specific versions of n8n, with patches available in newer releases.

• Immediate updates and adherence to security best practices are crucial for mitigation.

The N8n Vulnerabilities Explained

Two distinct but severe vulnerabilities have been identified within n8n. The first, tracked as CVE-2025-68668, resides in the Python Code Node, which utilizes Pyodide for execution. A sandbox bypass allows authenticated users with workflow creation or modification privileges to execute arbitrary operating system commands on the host running n8n. This flaw affects n8n versions from 1.0.0 up to, but not including, 2.0.0.

The second critical vulnerability, CVE-2025-68613, impacts n8n's server-side expression evaluation engine. This vulnerability allows authenticated users to inject malicious JavaScript expressions that escape the intended sandbox, leading to arbitrary code execution with the privileges of the n8n process. This can result in the theft of sensitive secrets, modification of files, and full control of the underlying server. This vulnerability affects n8n versions starting from 0.211.0 up to and including 1.120.3, and specific early releases of 1.121.x and 1.122.x.

Impact and Exploitation

Both vulnerabilities carry a CVSS score of 9.9, indicating a critical severity. The primary risk lies in the ability for authenticated users, even those with low-level permissions, to execute commands on the server hosting n8n. This can lead to data breaches, system compromise, and disruption of critical business processes. The exploitation of CVE-2025-68613 was notably detected around the Christmas holidays, suggesting attackers may target periods of reduced security monitoring.

Remediation and Mitigation

The definitive solution for both vulnerabilities is to upgrade n8n to a patched version. For CVE-2025-68668, version 2.0.0 and later address the issue by making a more secure native Python implementation the default. For CVE-2025-68613, patched versions include 1.120.4, 1.121.1, and 1.122.0 or later.

Temporary workarounds for CVE-2025-68668 include disabling the Code Node entirely, disabling Python support within the Code Node, or enabling the task runner-based Python sandbox. For CVE-2025-68613, organizations are advised to restrict workflow creation and editing to trusted users, implement the principle of least privilege, and ensure strong authentication. Environment hardening, such as running n8n with minimal OS privileges and restricting network access, is also recommended.

Security Best Practices

Beyond immediate patching, organizations should adopt robust security practices for n8n deployments. This includes regular security audits, strict access control, comprehensive logging and monitoring, and maintaining an incident response plan. Keeping n8n updated and subscribing to security advisories are essential for staying ahead of emerging threats.

Sources

• New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands, The Hacker News.

• CVE-2025-68613: Remote Code Execution via Expression Injection in n8n, Resecurity.

• CVE-2025-68668: Arbitrary Command Execution in n8n Python Code Node, SOCRadar® Cyber Intelligence Inc..