CISA Orders Federal Agencies to Patch n8n RCE Flaw Exploited in Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a directive on Wednesday ordering federal agencies to patch systems against an actively exploited remote code execution (RCE) vulnerability in n8n. The flaw is being leveraged in ongoing attacks, though specific technical details such as the CVE identifier or affected versions were not disclosed in the notice. The mandate applies to all U.S. government agencies, requiring immediate remediation to mitigate potential exploitation. No exact impact scope or attack vectors were provided beyond the active exploitation status. The directive underscores the urgency of addressing the vulnerability to prevent further compromise.