Critical vulnerability in n8n allows remote code execution (CVE-2025-68613)
A critical security vulnerability has been revealed in the n8n workflow automation platform. The flaw, if successfully exploited, could result in arbitrary code execution under certain circumstances. The vulnerability, tracked as CVE-2025-68613, has a CVSS score of 9.9 out of 10.0, underscoring its severity. According to npm statistics, the n8n package records approximately 57,000 weekly downloads. Vulnerability and Impact Details The maintainers of the npm package stated that “under certain conditions, expressions provided by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime.” ...