by x32x01
A critical security vulnerability has been discovered in n8n, tracked as CVE-2025-68613.
The flaw is rated CVSS 9.9/10, which places it at the top of the critical range.
It allows Remote Code Execution (RCE) through a sandbox escape, which can lead to full compromise of the server that hosts n8n.
If you are using n8n for automation or integrations, check your version immediately.
Technical Details (Simplified)
The issue is an Expression Injection vulnerability caused by weak handling of workflow expressions. An authenticated user who can write expressions (for example while editing a workflow) can escape the Node.js expression sandbox and:
- access the underlying operating system
- execute commands on the server
- leak sensitive data
What Are the Real Risks?
Exploiting this vulnerability can result in:
- full server takeover
- credential leakage
- exposure of stored API keys
- complete control over workflows
Affected n8n Versions
You are vulnerable if you are running any version in this range:
- from v0.211.0
- up to but not including v1.120.4
Do not treat a version as safe only because it is newer than v1.120.4: the fix was released separately on each release line, so v1.121.0, for example, is newer than v1.120.4 but is not a fixed release. Only the versions in the safe list below carry the fix.
Safe Versions (Mandatory Update)
You must update immediately to one of the following fixed versions:
- v1.120.4
- v1.121.1
- v1.122.0 or any newer release
Important Advice for Docker Users
If you are running n8n with Docker:
- Update the image to a fixed version: pin an explicit tag such as 1.122.0 rather than relying on the latest tag, so that you know which version is actually running.
- Save the old container's logs before you recreate it (Docker discards a container's logs together with the container), then restart on the new image and confirm the running version.
- Review the saved logs and your n8n settings (workflows, users, stored credentials) for anything you do not recognise. If you find signs of exploitation, rotate every credential and API key stored in n8n, since the flaw exposes them.
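The version check from the two sections above and the Docker steps, as one added shell example (this is not code from the original post or from the n8n project). It encodes the advisory's ranges exactly as listed above, including the point that 1.121.0 is unfixed even though it is newer than 1.120.4. It assumes a docker compose deployment in which the service is named n8n and the image line is written as image: docker.n8n.io/n8nio/n8n:${N8N_IMAGE_TAG:-1.122.0}; the service name, that image line and the log file name are assumptions, not something the post states.

```shell
#!/bin/sh
# Added example for this post (not code from n8n or the original author).
# Classifies an n8n version against the CVE-2025-68613 ranges and wraps the
# Docker update steps for a docker compose deployment.
# Assumptions (not from the post): the compose service is called "n8n" and its
# image line reads  image: docker.n8n.io/n8nio/n8n:${N8N_IMAGE_TAG:-1.122.0}

# Strip a leading "v" and any pre-release suffix: "v1.120.4-rc.1" -> "1.120.4"
normalize() {
  v=${1#v}
  printf '%s\n' "${v%%-*}"
}

# Numeric comparison of two major.minor.patch strings; prints -1, 0 or 1.
vercmp() {
  i=1
  while [ "$i" -le 3 ]; do
    x=$(printf '%s\n' "$1" | cut -d. -f"$i")
    y=$(printf '%s\n' "$2" | cut -d. -f"$i")
    x=${x:-0}; y=${y:-0}
    if [ "$x" -lt "$y" ]; then echo -1; return; fi
    if [ "$x" -gt "$y" ]; then echo 1; return; fi
    i=$((i + 1))
  done
  echo 0
}

# Returns 0 when $1 is on a fixed line from the safe list: 1.120.4 (but not
# 1.121.0, which is newer yet unfixed), 1.121.1, or 1.122.0 and anything newer.
n8n_patched() {
  v=$(normalize "$1")
  [ "$(vercmp "$v" 1.122.0)" -ge 0 ] && return 0
  [ "$(vercmp "$v" 1.121.1)" -ge 0 ] && return 0
  [ "$(vercmp "$v" 1.120.4)" -ge 0 ] && [ "$(vercmp "$v" 1.121.0)" -lt 0 ] && return 0
  return 1
}

# Prints one of: not-affected (below 0.211.0), patched, vulnerable.
n8n_status() {
  v=$(normalize "$1")
  if [ "$(vercmp "$v" 0.211.0)" -lt 0 ]; then echo not-affected
  elif n8n_patched "$v"; then echo patched
  else echo vulnerable
  fi
}

# Docker update: refuse unfixed tags, keep the old container's logs (Docker
# drops them when the container is recreated), pull, recreate, then report the
# image the new container actually runs.
n8n_docker_update() {
  tag=${1:-1.122.0}
  if ! n8n_patched "$tag"; then
    echo "refusing to deploy unfixed tag $tag" >&2
    return 1
  fi
  cid=$(docker compose ps -q n8n)
  [ -n "$cid" ] && docker logs "$cid" > n8n-pre-update.log 2>&1
  N8N_IMAGE_TAG=$tag docker compose pull n8n
  N8N_IMAGE_TAG=$tag docker compose up -d n8n
  docker inspect --format '{{.Config.Image}}' "$(docker compose ps -q n8n)"
}

# Usage: sh n8n-check.sh <version>  (the tag shown by "docker inspect", or the
# version displayed in the n8n UI). With no argument the functions can be sourced.
if [ $# -gt 0 ]; then
  n8n_status "$1"
fi
```

Run n8n_status against the version you are actually serving, not against the tag you think you deployed; with the latest tag the two can differ, which is why the update function pins an explicit tag and prints the image reference afterwards.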
Final Thoughts
- This is an extremely dangerous RCE vulnerability.
- A successful exploit can give an attacker full control of the system and of everything stored in n8n.
- Updating to a fixed version is the only fix.
- Don't delay: security comes first.