
Critical Security Vulnerability in n8n (CVE-2025-68613): What Administrators Need to Know Now

Tobias Jonas | 4 min read


The workflow automation platform n8n has established itself as an indispensable tool for countless companies and developers. Its flexibility and open-source approach make it a popular choice for automating complex processes. However, this widespread adoption makes a recently discovered security vulnerability all the more concerning.

Under the identifier CVE-2025-68613, a critical vulnerability has been published that requires immediate action from administrators. We have compiled all the important information for you here.

What Exactly Is the CVE-2025-68613 Vulnerability?

This is a Remote Code Execution (RCE) vulnerability at the heart of n8n: the workflow expression evaluation system. It has been rated with a CVSS score of 9.9, which places it at the top of the critical range.

The cause is that, under certain conditions, expressions (the {{ ... }} snippets that n8n evaluates inside node parameters) entered by an authenticated user while configuring a workflow are executed in a context that is not sufficiently isolated from the underlying server runtime. Simply put: the “sandbox” that should keep workflow code separate from the rest of the system is leaky.

An attacker who already has an account on the instance with permission to create or edit workflows could therefore execute arbitrary code with the privileges of the n8n process on the server. The prerequisite is an authenticated account with workflow edit rights, which is exactly what the interim measures below restrict.

What Risk Does the Vulnerability Pose?

A successful attack can have catastrophic consequences and lead to complete compromise of the affected n8n instance. This includes:

  • Unauthorized access to sensitive data: All data that the n8n process has access to, including credentials, API keys, and confidential information from connected services, can be read.
  • Manipulation of workflows: Existing automations can be modified unnoticed to steal data, sabotage processes, or spread misinformation.
  • Execution of system commands: In the worst case, the attacker can gain control of the underlying server, install additional malware, and spread through the network.

How Many Systems Are Affected?

Security researchers at Censys paint an alarming picture. Worldwide, over 100,000 n8n instances are reachable via the internet and potentially vulnerable. Germany ranks second among the most affected countries with over 17,000 systems, right after the USA.

Affected versions: All n8n releases from 0.211.0 up to, but not including, the patched releases listed below are vulnerable. Note that 1.121.0 is newer than 1.120.4 and still affected; each maintained line received its own fix.

The urgency is underscored by the fact that a working Proof-of-Concept (PoC) exploit is already publicly available. It is only a matter of time before automated attacks on unpatched systems begin.

How Can You Protect Your Systems?

The developers of n8n have responded quickly and provided security updates. Administrators are urgently advised to update their instances immediately.

Patched releases (update to one of these, or to any later release):

  • 1.120.4
  • 1.121.1
  • 1.122.0
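To turn the version information above into something you can run against a whole fleet, here is an added example (not code from n8n or from the original post) that classifies an n8n version string as affected or not. The version ranges are the ones stated in this article; the sample version strings at the bottom are constructed, and the `docker exec` invocation in the comment assumes a container named n8n.

```python
import re
import sys

# Version information as given in this article (CVE-2025-68613):
# affected from 0.211.0 up to the first patched release of each line.
FIRST_AFFECTED = (0, 211, 0)
PATCHED = ((1, 120, 4), (1, 121, 1), (1, 122, 0))  # ascending order


def parse_version(text: str) -> tuple:
    """Parse 'MAJOR.MINOR.PATCH' from e.g. the output of `n8n --version`.

    A leading 'v' and any pre-release/build suffix ('-rc.1') are tolerated
    and ignored; anything else raises ValueError instead of guessing.
    """
    m = re.match(r"\s*v?(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"not a MAJOR.MINOR.PATCH version: {text!r}")
    return tuple(int(part) for part in m.groups())


def is_vulnerable(version: str) -> bool:
    """True if this n8n release is in the affected range for CVE-2025-68613."""
    v = parse_version(version)
    if v < FIRST_AFFECTED:
        return False                      # older than the first affected release
    for fix in PATCHED:
        if v[:2] == fix[:2]:              # a minor line that received its own patch release
            return v < fix
    # Lines without their own patch release: everything newer than the
    # latest patched line is fixed, everything older (0.211 .. 1.119) is not.
    return v < PATCHED[-1]


def check_n8n_version(version: str) -> str:
    """One-line verdict for an inventory report."""
    v = parse_version(version)
    verdict = "VULNERABLE - update now" if is_vulnerable(version) else "not affected"
    return f"n8n {v[0]}.{v[1]}.{v[2]}: {verdict} (CVE-2025-68613)"


if __name__ == "__main__":
    # Constructed sample versions; pass real ones as arguments instead,
    # e.g.  python3 check_n8n.py "$(docker exec n8n n8n --version)"
    samples = sys.argv[1:] or ["0.210.9", "0.211.0", "1.119.2",
                               "1.120.3", "1.120.4", "1.121.0",
                               "1.121.1", "1.122.0", "1.125.1"]
    for s in samples:
        print(check_n8n_version(s))
```

The per-line lookup matters: a naive "is it at least 1.120.4?" check would wrongly clear 1.121.0, which is newer than 1.120.4 but only fixed from 1.121.1 on.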

What to do if an immediate update is not possible? If an update cannot be performed immediately, there are temporary risk mitigation measures. However, it is important to emphasize that these do not close the vulnerability but only reduce the attack surface:

  1. Restrict permissions: Grant rights to create and edit workflows only to absolutely trusted users. The flaw is only reachable by someone who can enter expressions into a workflow, so every account without that right is one less way in.
  2. Harden the system: Operate n8n in an isolated environment with minimal operating system privileges and restricted network access to limit potential damage in case of compromise.

These measures are only a short-term bridge. An update to a secure version is unavoidable.
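For the second measure, here is an added example of a docker-compose service definition that applies least-privilege settings to an n8n container. It is not configuration from n8n or from the original post; the service name, volume name, port binding and network name are assumptions to adapt to your deployment. It limits what a compromised n8n process can do, but it does not fix the vulnerability, so the pinned image tag must still be a patched release.

```yaml
# Added example (not from n8n or the original post): hardened n8n service.
# Service, volume and network names are assumptions; adapt them.
services:
  n8n:
    image: docker.n8n.io/n8nio/n8n:1.122.0   # pin a patched release; hardening alone does not close the CVE
    user: "1000:1000"                         # the image's unprivileged 'node' user, never root
    read_only: true                           # immutable container filesystem
    tmpfs:
      - /tmp                                  # scratch space n8n and Node.js may need
    volumes:
      - n8n_data:/home/node/.n8n              # the one path n8n must be able to write
    cap_drop:
      - ALL                                   # no Linux capabilities at all
    security_opt:
      - no-new-privileges:true                # no setuid escalation inside the container
    ports:
      - "127.0.0.1:5678:5678"                 # expose only to a local reverse proxy, not to 0.0.0.0
    networks:
      - n8n_restricted
    restart: unless-stopped

volumes:
  n8n_data:

networks:
  n8n_restricted:
    driver: bridge
    # Apply host firewall / egress rules to this bridge so that a compromised
    # n8n process can only reach the services its workflows actually need.
```

Test `read_only` in staging first: community nodes that write outside /home/node/.n8n or /tmp will fail until you add a volume or tmpfs for their path. The point of the layout is that an attacker who gets code execution as the n8n process lands in a non-root, capability-less, mostly read-only container whose outbound traffic you control.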

Conclusion and Our Contribution to Customer Security

The CVE-2025-68613 security vulnerability is one of the most critical vulnerabilities in recent times and poses a serious threat to all operators of vulnerable n8n instances. Proactive action is key to defending against potential attacks.

For this reason, we would like to make an important announcement to our customers: There is no need for action on your part. As part of our CompanyGPT service, proactive maintenance and monitoring of your systems is our standard. Our security team updated all n8n instances we manage to the latest, secure versions immediately after the vulnerability became known. Your automation environment is and remains protected.

If you have any questions about this topic or about our managed services, our team is always happy to assist you.

Written by

Tobias Jonas

Co-CEO, M.Sc.

Tobias Jonas, M.Sc. is co-founder and Co-CEO of innFactory AI Consulting GmbH. He is a leading innovator in the fields of artificial intelligence and cloud computing. As co-founder of innFactory GmbH, he has successfully led hundreds of AI and cloud projects and established the company as a key player in the German IT sector. Tobias always has his finger on the pulse: he recognized the potential of AI agents early and organized one of the first meetups on the subject in Germany. He also drew attention to the MCP protocol within the first month of its release and informed his followers about the Agentic AI Foundation on the day it was founded. Alongside his executive roles, Tobias Jonas is active in various professional and business associations, including the KI Bundesverband and the Digital Committee of the IHK München und Oberbayern, and leads practice-oriented AI and cloud projects at the Technische Hochschule Rosenheim. As a keynote speaker, he shares his expertise on AI and explains complex technological concepts in an understandable way.
