CVE-2025-65964 Overview
CVE-2025-65964 is a remote code execution vulnerability in n8n, an open source workflow automation platform. Versions 0.123.1 through 1.119.1 fail to restrict Git configuration values set through the Git node's Add Config operation. Attackers with permission to create or modify workflows can set core.hooksPath to point to a malicious Git hook. Subsequent Git operations then execute arbitrary commands on the n8n host. The maintainers fixed the issue in version 1.119.2. The flaw is tracked under [CWE-829: Inclusion of Functionality from Untrusted Control Sphere].
Critical Impact
Authenticated workflow editors can achieve full remote code execution on the n8n host through abuse of Git pre-commit hooks.
Affected Products
- n8n versions 0.123.1 through 1.119.1
- n8n Git node (Add Config operation)
- Self-hosted and containerized n8n deployments using the Git node
Discovery Timeline
- 2025-12-09 - CVE-2025-65964 published to NVD
- 2026-01-02 - Last updated in NVD database
Technical Details for CVE-2025-65964
Vulnerability Analysis
The vulnerability resides in the Git node's Add Config operation. The operation passes user-controlled key/value pairs directly to git config without validating which configuration keys are permitted. Git supports the core.hooksPath directive, which redirects hook execution to an arbitrary directory. An attacker who controls a workflow can point this directive at a path containing executable hook scripts. When any subsequent Git operation runs in that repository context, Git executes the attacker-controlled script under the n8n process identity.
The attack inherits the privileges of the n8n runtime user. On typical container deployments this grants access to workflow secrets, credential stores, environment variables, and the underlying host filesystem.
Root Cause
The Git node lacks an allowlist of safe configuration keys. Git treats core.hooksPath as a trusted local setting, but n8n exposes this trust boundary to remote workflow authors. The platform also lacks sandboxing for Git node operations, so any hook script runs in the same context as the n8n server process.
Attack Vector
Exploitation requires authenticated access sufficient to create or modify a workflow that uses the Git node. The attacker writes a hook script to a path reachable by n8n, then configures a workflow with two Git node operations. The first invokes Add Config to set core.hooksPath to the directory containing the malicious script. The second triggers any Git action such as commit, clone, or checkout against a repository, which causes Git to execute the planted hook and run arbitrary commands on the host.
No verified public exploit code is available. See the GitHub Security Advisory GHSA-wpqc-h9wp-chmq for vendor technical detail.
Detection Methods for CVE-2025-65964
Indicators of Compromise
- Workflows containing Git node Add Config operations that set core.hooksPath, core.sshCommand, core.editor, or other executable-related Git keys
- Unexpected hook scripts written under directories accessible to the n8n process, particularly outside repository .git/hooks paths
- Child processes spawned by the n8n service that do not match the standard git binary invocation pattern
- Outbound network connections originating from the n8n container immediately following Git node executions
Detection Strategies
- Audit existing n8n workflows for any use of the Git node Add Config operation and review the configuration keys being set
- Monitor process creation events where the parent process is node (n8n) and the child is a shell interpreter such as bash, sh, or python
- Inspect filesystem write events targeting hook directories from the n8n service account
Monitoring Recommendations
- Enable n8n audit logging and forward workflow modification events to a centralized log platform
- Alert on any workflow that combines a Git Add Config node with a subsequent Git operation node in the same execution path
- Track the installed n8n version across all deployments and flag any host still running a build between 0.123.1 and 1.119.1
How to Mitigate CVE-2025-65964
Immediate Actions Required
- Upgrade n8n to version 1.119.2 or later, available from the GitHub Release Version 1.119.2 page
- Inventory all running n8n instances and prioritize internet-exposed deployments
- Review existing workflows for Git node usage and remove any that set Git configuration values from untrusted input
- Rotate any credentials, API tokens, and secrets stored in n8n if compromise is suspected
Patch Information
The fix is delivered in n8n version 1.119.2 through commit d5a1171f95f75def5c3ac577707ab913e22aef04. The patch restricts which Git configuration keys the Add Config operation accepts, preventing core.hooksPath and similar values from being set through a workflow. Full details are available in the GitHub Security Advisory GHSA-wpqc-h9wp-chmq.
Workarounds
- Exclude the Git node entirely using the NODES_EXCLUDE environment variable as documented in the n8n Docs Node Blocking Guide
- Restrict workflow editor permissions to a small set of trusted users until the patch is applied
- Avoid cloning or interacting with untrusted Git repositories through the Git node
- Run n8n with a dedicated low-privilege service account and isolate it from sensitive host resources
# Exclude the Git node from a self-hosted n8n deployment
export NODES_EXCLUDE="[\"n8n-nodes-base.git\"]"
# Verify the running n8n version is patched
docker exec n8n n8n --version # should report 1.119.2 or higher
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

