Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

RedhatCVE
RedhatCVEadded 2025/12/10 12:28 a.m.3 views

CVE-2025-65964

n8n is an open source workflow automation platform. Versions 0.123.1 through 1.119.1 do not have adequate protections to prevent RCE through the project's pre-commit hooks. The Add Config operation allows workflows to set arbitrary Git configuration values, including core.hooksPath, which can poi...

9.4CVSS6.8AI score0.00605EPSS
Exploits1References1
NVD
NVDadded 2025/12/09 12:15 a.m.4 views

CVE-2025-65964

n8n is an open source workflow automation platform. Versions 0.123.1 through 1.119.1 do not have adequate protections to prevent RCE through the project's pre-commit hooks. The Add Config operation allows workflows to set arbitrary Git configuration values, including core.hooksPath, which can poi...

9.4CVSS0.00605EPSS
Exploits1References4
CVE
CVEadded 2025/12/08 11:35 p.m.24 views

CVE-2025-65964

Summary: CVE-2025-65964 affects n8n open source workflow automation. Versions 0.123.1 through 1.119.1 allow remote code execution via the Git node’s pre-commit hook handling. The issue arises because Add Config can set arbitrary Git values (e.g., core.hooksPath), enabling a malicious Git hook to ...

9.4CVSS6.7AI score0.00605EPSS
Exploits1References4Affected Software1
Cvelist
Cvelistadded 2025/12/08 11:35 p.m.29 views

CVE-2025-65964 n8n Vulnerable to Remote Code Execution via Git Node Custom Pre-Commit Hook

n8n is an open source workflow automation platform. Versions 0.123.1 through 1.119.1 do not have adequate protections to prevent RCE through the project's pre-commit hooks. The Add Config operation allows workflows to set arbitrary Git configuration values, including core.hooksPath, which can poi...

9.4CVSS0.00605EPSS
Exploits1References4
OSV
OSVadded 2025/12/08 9:30 p.m.4 views

GHSA-WPQC-H9WP-CHMQ n8n vulnerable to Remote Code Execution via Git Node Custom Pre-Commit Hook

Impact The n8n Git node allows workflows to set arbitrary Git configuration values through the Add Config operation. When an attacker-controlled workflow sets core.hooksPath to a directory within the cloned repository containing a Git hook such as pre-commit, Git executes that hook during...

9.4CVSS6.7AI score0.00605EPSS
Exploits1References6
Positive Technologies
Positive Technologiesadded 2025/12/08 12:0 a.m.4 views

PT-2025-49610

Name of the Vulnerable Software and Affected Versions n8n versions 0.123.1 through 1.119.1 Description n8n is an open source workflow automation platform. Versions 0.123.1 through 1.119.1 lack sufficient protections against Remote Code Execution RCE through the project's pre-commit hooks. The Add...

9.4CVSS7.5AI score0.00605EPSS
Exploits1References19
Rows per page
Query Builder