2 matches found
GHSA-9G95-QF3F-GGRW n8n has OS Command Injection in Git Node
Impact Vulnerabilities in the Git node allowed authenticated users with permission to create or modify workflows to execute arbitrary system commands or read arbitrary files on the n8n host. Patches The issue has been fixed in n8n versions 2.5.0, and 1.123.10. Users should upgrade to this version...
CVE-2025-62726
The CVE-2025-62726 entry concerns n8n (Cloud and Self-Hosted) with a remote code execution vulnerability in the Git Node prior to 1.113.0. When cloning a remote repository containing a pre-commit hook, a subsequent Commit operation can trigger the hook, allowing arbitrary code execution in the n8...