Lucene search
K

CVE-2025-68613

🗓️ 19 Dec 2025 22:23:47Reported by GitHub_MType 
cve
 cve
🔗 web.nvd.nist.gov📰️ 53 Media mentions👁 607 Views🌐 WEB

Critical remote code execution in n8n via expression evaluation; fixed in certain versions; upgrade.

Related
Detection
Affected
Refs
Paths
Social
ReporterTitlePublishedViews
Family
GithubExploit
Exploit for CVE-2025-68613
25 Dec 202520:01
githubexploit
GithubExploit
Exploit for CVE-2025-68613
26 Dec 202519:40
githubexploit
GithubExploit
Exploit for Improper Input Validation in N8N
20 Jan 202611:50
githubexploit
GithubExploit
Exploit for CVE-2025-68613
24 Dec 202513:07
githubexploit
GithubExploit
Exploit for CVE-2025-68613
26 Dec 202515:40
githubexploit
GithubExploit
Exploit for CVE-2025-68613
22 Dec 202506:45
githubexploit
GithubExploit
Exploit for Improper Control of Dynamically-Managed Code Resources in N8N
22 Dec 202518:41
githubexploit
GithubExploit
Exploit for Improper Input Validation in N8N
30 Jan 202622:38
githubexploit
GithubExploit
Exploit for Improper Input Validation in N8N
9 Apr 202611:09
githubexploit
GithubExploit
Exploit for CVE-2025-68613
24 Dec 202517:38
githubexploit
Rows per page
NVD
Vulners
Node
n8nn8nRange0.211.01.120.4node.js
OR
n8nn8nMatch1.121.0node.js
[
  {
    "vendor": "n8n-io",
    "product": "n8n",
    "versions": [
      {
        "version": ">= 0.211.0, < 1.120.4",
        "status": "affected"
      },
      {
        "version": "= 1.121.0",
        "status": "affected"
      }
    ]
  }
]
ParameterPositionPathDescriptionCWE
nodes[1].parameters.values.string[0].valuerequest bodyrest/workflowsMalicious workflow payload uses expression {{ ... }} to reach Node.js process and execute arbitrary commands, exploiting unisolated expression evaluation.CWE-913

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 09:59Current
7.5High risk
Vulners AI Score7.5
CVSS 3.18.8 - 9.9
EPSS0.97875
SSVC
607