CVE-2025-62726 Overview
CVE-2025-62726 is a remote code execution vulnerability in n8n, an open source workflow automation platform. The flaw affects the Git Node component in both Cloud and Self-Hosted deployments prior to version 1.113.0. An attacker who controls a remote Git repository can plant a malicious pre-commit hook. When an n8n user clones the repository and then invokes the Commit operation through the Git Node, the hook executes inside the n8n environment. This grants arbitrary code execution in the context of the n8n process, exposing stored credentials, workflows, and connected systems. The issue is tracked under [CWE-829: Inclusion of Functionality from Untrusted Control Sphere] and was fixed in n8n 1.113.0.
Critical Impact
Authenticated attackers can achieve remote code execution within the n8n environment by tricking users into committing to an attacker-controlled repository, compromising credentials and workflows.
Affected Products
- n8n Self-Hosted versions prior to 1.113.0
- n8n Cloud (pre-patch deployments)
- Any n8n workflow leveraging the Git Node component
Discovery Timeline
- 2025-10-30 - CVE-2025-62726 published to NVD
- 2025-12-31 - Last updated in NVD database
Technical Details for CVE-2025-62726
Vulnerability Analysis
The Git Node in n8n wraps Git operations such as clone, add, and commit so workflows can interact with remote repositories. Git natively supports hook scripts stored under the .git/hooks/ directory of a cloned repository. A pre-commit hook runs automatically on the local machine each time git commit is invoked. Because the Git Node executed commit operations without disabling or sandboxing local hooks, scripts shipped inside a cloned repository ran with the privileges of the n8n process.
Exploitation requires an attacker to publish or modify a Git repository that an n8n workflow will clone, then wait for a Commit operation. The attack vector is network-based, requires low privileges on the n8n instance, and needs no user interaction beyond normal workflow execution. Successful exploitation yields confidentiality, integrity, and availability impact across the host, including access to stored API tokens, OAuth credentials, and database connections used by other workflows.
Root Cause
The root cause is the inclusion of functionality from an untrusted control sphere [CWE-829]. The Git Node trusted repository contents — including executable hook scripts — without enforcing core.hooksPath isolation or passing flags such as --no-verify to suppress hook execution during commits.
Attack Vector
An attacker stages a malicious repository containing a pre-commit hook with arbitrary shell commands. When an n8n user or workflow clones the repository and triggers the Commit operation in the Git Node, Git invokes the hook on the n8n host. The hook executes with the permissions of the n8n runtime, allowing credential theft, lateral movement, or workflow tampering. Technical details are available in the GitHub Security Advisory GHSA-xgp7-7qjq-vg47 and the fix commit.
Detection Methods for CVE-2025-62726
Indicators of Compromise
- Presence of executable scripts under .git/hooks/ (notably pre-commit, post-commit, post-checkout) inside repositories cloned by n8n workflows.
- Unexpected child processes spawned by the n8n process such as sh, bash, python, or node immediately following Git Node Commit operations.
- Outbound network connections from the n8n host to unknown destinations shortly after a Git workflow runs.
- Modifications to n8n credential stores or workflow definitions not tied to a known user action.
Detection Strategies
- Audit n8n workflows that use the Git Node and inventory the remote repositories they interact with.
- Monitor process ancestry on the n8n host for shells or interpreters launched as descendants of the n8n runtime.
- Inspect n8n execution logs for Git Node operations correlated with anomalous file system or network activity.
Monitoring Recommendations
- Enable verbose execution logging on n8n and forward events to a centralized SIEM for correlation.
- Alert on the creation or modification of files under any .git/hooks/ path on the n8n host.
- Track egress traffic from the n8n service account and baseline expected destinations for Git operations.
How to Mitigate CVE-2025-62726
Immediate Actions Required
- Upgrade all n8n Self-Hosted instances to version 1.113.0 or later without delay.
- Confirm n8n Cloud tenants are running the patched release and rotate any credentials referenced by Git workflows.
- Review the list of repositories accessed by Git Node workflows and remove any from untrusted sources.
- Run the n8n service under a least-privileged account isolated from sensitive host resources.
Patch Information
The vulnerability is fixed in n8n 1.113.0. The remediation is delivered in pull request #19559 and applied in commit 5bf3db5. Refer to the GitHub Security Advisory GHSA-xgp7-7qjq-vg47 for vendor guidance.
Workarounds
- Restrict Git Node usage to vetted, internally controlled repositories until the patch is applied.
- Disable Git hook execution globally on the n8n host by setting core.hooksPath to an empty directory for the n8n service user.
- Run n8n inside a hardened container with read-only file systems and no outbound internet access where feasible.
# Configuration example: disable Git hooks for the n8n service user
mkdir -p /opt/n8n/empty-hooks
sudo -u n8n git config --global core.hooksPath /opt/n8n/empty-hooks
# Verify the n8n package version after upgrade
npm list -g n8n | grep n8n@
# Expected: n8n@1.113.0 or later
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
