You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
"description": "This module exploits a critical remote code execution vulnerability (CVE-2025-68613)\n in the n8n workflow automation platform. The vulnerability exists in the workflow\n expression evaluation system where user-supplied expressions enclosed in {{ }}\n are evaluated in an execution context that is not sufficiently isolated from the\n underlying Node.js runtime.\n\n An authenticated attacker can create a workflow containing malicious expressions\n that access the Node.js process object via this.process.mainModule.require (or via\n the constructor) to load child_process and execute arbitrary system commands.\n This module uses a Schedule Trigger node to automatically fire and evaluate the\n malicious payload. This requires valid credentials to create workflows.\n\n Successful exploitation may lead to full compromise of the n8n instance,\n including unauthorized access to sensitive data, modification of workflows,\n and execution of system-level operations.\n\n Affected versions: >= 0.211.0 and < 1.120.4, < 1.121.1, < 1.122.0",
0 commit comments