A critical remote code execution vulnerability (CVE-2025-68613, CVSS 9.9) was disclosed in n8n on December 19, 2025, affecting versions prior to the December 2025 patches. Public proof-of-concept exploits exist, many instances are internet-exposed (477 in Italy per Censys), and immediate upgrades to 1.120.4, 1.121.1, or 1.122.0 are strongly recommended. #n8n #CVE-2025-68613
Keypoints
- The vulnerability (CVE-2025-68613, CVSS 9.9) affects n8n expression evaluation, enabling remote code execution when user-controlled input is improperly isolated.
- The n8n team released fixes in versions 1.120.4, 1.121.1, and 1.122.0; vulnerable releases run from 0.211.0 up to, but not including, those patched versions.
- Exploitation requires authentication but is realistic due to shared accounts, internal tokens, reused credentials, and compromised internal access.
- Public exploit and detection scripts are already available, demonstrating command execution on the host via crafted workflows.
- An exposed n8n instance can grant access to databases, cloud services, external APIs, application secrets, and internal systems, enabling broad pivoting.
- There are 477 publicly exposed n8n instances in Italy according to Censys, indicating a significant attack surface for opportunistic scanning and exploitation.
- Recommended mitigations: urgent upgrade to patched versions, restrict who can create/modify workflows, avoid internet exposure, apply network segmentation, and review workflows and logs for anomalies.
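The upgrade advice above hinges on a version check that is easy to get wrong: 1.121.0 is newer than 1.120.4 yet still unpatched, because the fix for that line is 1.121.1. The script below is an added example (not from the advisory or the n8n project) that classifies version strings from a host inventory against the ranges the advisory gives; the hostnames and versions in the sample are constructed.

```python
"""Added example, not from the advisory: classify n8n version strings against the
CVE-2025-68613 ranges it gives (vulnerable from 0.211.0; fixed in 1.120.4, 1.121.1, 1.122.0)."""
import re

# Backported fixes per release line; 1.121.0 is newer than 1.120.4 but still unpatched.
PATCHED = {(1, 120): (1, 120, 4), (1, 121): (1, 121, 1)}
FIRST_CLEAN_LINE = (1, 122, 0)   # every release from here on carries the fix
FIRST_VULNERABLE = (0, 211, 0)   # start of the affected range per the advisory

_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> tuple:
    """Turn '1.120.4' or 'v1.121.0-rc.1' into a comparable (major, minor, patch) tuple."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised n8n version string: {text!r}")
    return tuple(int(x) for x in m.groups())


def is_vulnerable(version: str) -> bool:
    v = parse_version(version)
    if v < FIRST_VULNERABLE or v >= FIRST_CLEAN_LINE:
        return False  # outside the affected range, or 1.122.0 and later
    fix = PATCHED.get(v[:2])
    # A line with a backport is safe from that patch level on; a line without one
    # (e.g. 1.119.x) is vulnerable throughout.
    return fix is None or v < fix


def triage(inventory: dict) -> dict:
    """Split a host -> version inventory into hosts needing an urgent upgrade and the rest."""
    report = {"upgrade_now": [], "patched": []}
    for host, ver in sorted(inventory.items()):
        report["upgrade_now" if is_vulnerable(ver) else "patched"].append(f"{host} ({ver})")
    return report


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are made up for illustration.
    sample = {
        "n8n-prod.example.internal": "1.119.2",
        "n8n-staging.example.internal": "1.121.0",
        "n8n-dev.example.internal": "1.121.1",
        "n8n-legacy.example.internal": "0.210.3",
    }
    for bucket, hosts in triage(sample).items():
        print(bucket, hosts)
```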
MITRE Techniques
- [T1190] Exploit Public-Facing Application: exploitation of n8n's expression engine allowed remote code execution via crafted workflows ("it allows exiting the intended scope of the expression and accessing low-level runtime objects, resulting in arbitrary code execution on the system hosting n8n.")
- [T1059] Command and Scripting Interpreter: successful exploitation results in execution of commands on the server ("could lead to the execution of commands on the server.")
- [T1078] Valid Accounts: the attack requires authentication and leverages weak or reused credentials, shared accounts, or internal tokens to gain access ("The attack requires authentication … shared accounts, internal tokens, reused credentials, or compromised internal access make exploitation plausible.")
- [T1552] Unsecured Credentials: a compromised instance can expose application secrets and credentials, enabling access to databases, cloud services, and external APIs ("access to databases, cloud services, external APIs, application secrets, and internal systems.")
Indicators of Compromise
- [CVE] vulnerability identifier: CVE-2025-68613
- [Software Version] vulnerable and patched releases: vulnerable from 0.211.0 up to before 1.120.4; patched: 1.120.4, 1.121.1, 1.122.0
- [Public Instances] internet-exposed instance count: 477 n8n instances in Italy indexed by Censys
- [Exploit Scripts] proof-of-concept and scanner artifacts: public exploit scripts and vulnerability-check scripts (e.g., proof-of-concept workflow payloads), and other detection/exploit samples reported