Critical n8n Vulnerability (CVE-2025-68613) with CVSS 9.9 Enables Arbitrary Code Execution

25 Dec 2025

n8nCVE-2025-68613critical vulnerabilityarbitrary code executionautomation securityCVSS 9.9Security Affairs

A critical vulnerability identified as CVE-2025-68613 with a CVSS score of 9.9 has been discovered in the n8n automation platform. This flaw could allow arbitrary code execution under certain conditions, potentially granting attackers full control over affected systems. The vulnerable component is reported to have approximately 57,000 downloads per week, indicating a substantial potential attack surface. Security researchers have reported the vulnerability, but specific exploitation vectors and mitigation details remain undisclosed. No timeline has been provided for official disclosure or patching. Given the severity and prevalence of this issue, organizations using n8n should prioritize monitoring for updates and consider implementing compensatory security measures. However, the lack of detailed exploitation information limits immediate actionable advice. This vulnerability highlights the critical importance of timely patch management and continuous monitoring in automation platforms.