CVE-2025-68613 Overview
CVE-2025-68613 is a critical Remote Code Execution (RCE) vulnerability affecting n8n, the popular open source workflow automation platform. The flaw exists in the workflow expression evaluation system where, under certain conditions, expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime.
This vulnerability allows an authenticated attacker to abuse the expression evaluation behavior to execute arbitrary code with the privileges of the n8n process. Successful exploitation may lead to full compromise of the affected instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations.
Critical Impact
Authenticated attackers can achieve full instance compromise through arbitrary code execution, enabling unauthorized data access, workflow manipulation, and system-level operations.
Affected Products
- n8n versions 0.211.0 through 1.120.3
- n8n versions 1.121.0 (prior to 1.121.1)
- n8n versions prior to 1.122.0
Discovery Timeline
- 2025-12-19 - CVE-2025-68613 published to NVD
- 2026-01-02 - Last updated in NVD database
Technical Details for CVE-2025-68613
Vulnerability Analysis
The vulnerability stems from improper control of dynamically-managed code resources (CWE-913) within n8n's expression evaluation system. When users configure workflows, they can supply expressions that are processed by the platform. The core issue is that these expressions are evaluated in an execution context that lacks sufficient isolation from the underlying Node.js runtime environment.
This insufficient sandboxing creates a condition where carefully crafted expressions can break out of the intended evaluation scope and interact directly with the host system. Since n8n workflows commonly process sensitive business data and integrate with numerous external services, the impact of code execution within this context is particularly severe.
Root Cause
The root cause is insufficient isolation of the expression evaluation sandbox from the underlying Node.js runtime. The expression evaluation system fails to properly restrict access to runtime objects and functions, allowing attackers to escape the intended sandbox boundaries and access dangerous capabilities.
Attack Vector
The attack requires network access and low-privilege authentication to the n8n instance. An attacker must have permissions to create or edit workflows, at which point they can inject malicious expressions that will be evaluated by the vulnerable expression engine. The attack can be executed without user interaction once the attacker has authenticated access.
The exploitation pathway involves:
- Authenticating to the n8n instance with workflow creation/editing privileges
- Creating or modifying a workflow with a malicious expression
- Triggering the workflow execution to evaluate the crafted expression
- The expression escapes the sandbox and executes arbitrary code with n8n process privileges
The vulnerability does not require any specific environmental conditions beyond basic authenticated access, making it relatively straightforward to exploit in affected deployments.
Detection Methods for CVE-2025-68613
Indicators of Compromise
- Unexpected processes spawned as child processes of the n8n application
- Unusual network connections originating from the n8n process to external destinations
- Modifications to workflows by users who should not have elevated privileges
- Suspicious log entries indicating code execution or system command invocations within workflow executions
- Unexpected file system access or modifications by the n8n process
Detection Strategies
- Monitor n8n audit logs for unusual workflow creation or modification patterns
- Implement runtime application self-protection (RASP) solutions to detect sandbox escape attempts
- Deploy endpoint detection and response (EDR) solutions to identify anomalous process behavior from the n8n application
- Analyze workflow configurations for suspicious expression patterns that may indicate exploitation attempts
Monitoring Recommendations
- Enable verbose logging for n8n workflow executions and expression evaluations
- Configure alerts for any child process spawning from the n8n application context
- Monitor system calls made by the n8n process for unexpected operations
- Review user activity logs for accounts with workflow editing permissions
How to Mitigate CVE-2025-68613
Immediate Actions Required
- Upgrade n8n immediately to version 1.120.4, 1.121.1, or 1.122.0 or later
- Audit existing workflows for potentially malicious expressions
- Review user accounts with workflow creation and editing permissions
- Implement network segmentation to limit potential lateral movement if exploitation occurs
Patch Information
n8n has released security patches addressing this vulnerability in versions 1.120.4, 1.121.1, and 1.122.0. The patches introduce additional safeguards to restrict expression evaluation and properly isolate the sandbox from the underlying runtime.
For detailed patch information, refer to the following resources:
- GitHub Security Advisory GHSA-v98v-ff95-f3cp
- GitHub Commit Fix
- GitHub Commit Change
- GitHub Commit Update
Workarounds
- Limit workflow creation and editing permissions to fully trusted users only
- Deploy n8n in a hardened environment with restricted operating system privileges
- Implement strict network access controls to reduce potential impact of exploitation
- Run n8n with minimal privileges using containerization or dedicated service accounts
# Example: Run n8n with restricted privileges in Docker
docker run -d \
--name n8n \
--user 1000:1000 \
--read-only \
--cap-drop ALL \
--security-opt no-new-privileges \
-p 5678:5678 \
-v /path/to/n8n-data:/home/node/.n8n \
n8nio/n8n:1.122.0
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
