CVE-2025-68613 n8n Expression Injection

Expression injection vulnerability in n8n workflow automation platform allowing arbitrary code execution with full process privileges via insufficient sandboxing of user-supplied expressions in workflow configuration.

Cyber News & Updates

n8n CVE-2025-68613: Expression Injection Enables Arbitrary Code Execution on 103,476 Workflow Automation Instances

A critical expression injection vulnerability in n8n workflow automation platform (CVSS 9.9) allows authenticated attackers to execute arbitrary code with process privileges. 103,476 exposed instances identified globally, with rapid patching…
Read more →

Peter Chofield

·

Jan 4, 2026

·

11–16 minutes

CVE-2025-68613 n8n Expression Injection

n8n CVE-2025-68613: Expression Injection Enables Arbitrary Code Execution on 103,476 Workflow Automation Instances