CVE-2025-68949
n8n has a Webhook node IP whitelist bypass vulnerability (CVE-2025-68949). From 1.36.0 up to, but not including, 2.2.0, the Webhook node validated IPs by partial string matching rather than exact IP comparison. This could allow an incoming request from a non-whitelisted IP to be accepted if its a...