Skip to main content
CVE Vulnerability Database
Vulnerability Database/CVE-2025-65964

CVE-2025-65964: N8n Workflow Automation RCE Vulnerability

CVE-2025-65964 is a remote code execution flaw in N8n workflow automation that exploits Git pre-commit hooks to execute arbitrary commands. This article covers the technical details, affected versions, impact, and mitigation.

Published:

CVE-2025-65964 Overview

CVE-2025-65964 is a remote code execution vulnerability in n8n, an open source workflow automation platform. Versions 0.123.1 through 1.119.1 fail to restrict Git configuration values set through the Git node's Add Config operation. Attackers with permission to create or modify workflows can set core.hooksPath to point to a malicious Git hook. Subsequent Git operations then execute arbitrary commands on the n8n host. The maintainers fixed the issue in version 1.119.2. The flaw is tracked under [CWE-829: Inclusion of Functionality from Untrusted Control Sphere].

Critical Impact

Authenticated workflow editors can achieve full remote code execution on the n8n host through abuse of Git pre-commit hooks.

Affected Products

  • n8n versions 0.123.1 through 1.119.1
  • n8n Git node (Add Config operation)
  • Self-hosted and containerized n8n deployments using the Git node

Discovery Timeline

  • 2025-12-09 - CVE-2025-65964 published to NVD
  • 2026-01-02 - Last updated in NVD database

Technical Details for CVE-2025-65964

Vulnerability Analysis

The vulnerability resides in the Git node's Add Config operation. The operation passes user-controlled key/value pairs directly to git config without validating which configuration keys are permitted. Git supports the core.hooksPath directive, which redirects hook execution to an arbitrary directory. An attacker who controls a workflow can point this directive at a path containing executable hook scripts. When any subsequent Git operation runs in that repository context, Git executes the attacker-controlled script under the n8n process identity.

The attack inherits the privileges of the n8n runtime user. On typical container deployments this grants access to workflow secrets, credential stores, environment variables, and the underlying host filesystem.

Root Cause

The Git node lacks an allowlist of safe configuration keys. Git treats core.hooksPath as a trusted local setting, but n8n exposes this trust boundary to remote workflow authors. The platform also lacks sandboxing for Git node operations, so any hook script runs in the same context as the n8n server process.

Attack Vector

Exploitation requires authenticated access sufficient to create or modify a workflow that uses the Git node. The attacker writes a hook script to a path reachable by n8n, then configures a workflow with two Git node operations. The first invokes Add Config to set core.hooksPath to the directory containing the malicious script. The second triggers any Git action such as commit, clone, or checkout against a repository, which causes Git to execute the planted hook and run arbitrary commands on the host.

No verified public exploit code is available. See the GitHub Security Advisory GHSA-wpqc-h9wp-chmq for vendor technical detail.

Detection Methods for CVE-2025-65964

Indicators of Compromise

  • Workflows containing Git node Add Config operations that set core.hooksPath, core.sshCommand, core.editor, or other executable-related Git keys
  • Unexpected hook scripts written under directories accessible to the n8n process, particularly outside repository .git/hooks paths
  • Child processes spawned by the n8n service that do not match the standard git binary invocation pattern
  • Outbound network connections originating from the n8n container immediately following Git node executions

Detection Strategies

  • Audit existing n8n workflows for any use of the Git node Add Config operation and review the configuration keys being set
  • Monitor process creation events where the parent process is node (n8n) and the child is a shell interpreter such as bash, sh, or python
  • Inspect filesystem write events targeting hook directories from the n8n service account

Monitoring Recommendations

  • Enable n8n audit logging and forward workflow modification events to a centralized log platform
  • Alert on any workflow that combines a Git Add Config node with a subsequent Git operation node in the same execution path
  • Track the installed n8n version across all deployments and flag any host still running a build between 0.123.1 and 1.119.1

How to Mitigate CVE-2025-65964

Immediate Actions Required

  • Upgrade n8n to version 1.119.2 or later, available from the GitHub Release Version 1.119.2 page
  • Inventory all running n8n instances and prioritize internet-exposed deployments
  • Review existing workflows for Git node usage and remove any that set Git configuration values from untrusted input
  • Rotate any credentials, API tokens, and secrets stored in n8n if compromise is suspected

Patch Information

The fix is delivered in n8n version 1.119.2 through commit d5a1171f95f75def5c3ac577707ab913e22aef04. The patch restricts which Git configuration keys the Add Config operation accepts, preventing core.hooksPath and similar values from being set through a workflow. Full details are available in the GitHub Security Advisory GHSA-wpqc-h9wp-chmq.

Workarounds

  • Exclude the Git node entirely using the NODES_EXCLUDE environment variable as documented in the n8n Docs Node Blocking Guide
  • Restrict workflow editor permissions to a small set of trusted users until the patch is applied
  • Avoid cloning or interacting with untrusted Git repositories through the Git node
  • Run n8n with a dedicated low-privilege service account and isolate it from sensitive host resources
bash
# Exclude the Git node from a self-hosted n8n deployment
export NODES_EXCLUDE="[\"n8n-nodes-base.git\"]"

# Verify the running n8n version is patched
docker exec n8n n8n --version   # should report 1.119.2 or higher

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.