A critical vulnerability in the n8n automation platform puts over 103,000 internet-exposed instances at risk of remote code execution.
Quick Summary – TLDR:
- CVE-2025-68613 in n8n carries a CVSS score of 9.9, signaling critical severity.
- Exploitation allows authenticated users to run arbitrary code, compromising entire systems.
- Over 103,000 instances are potentially exposed, with proof-of-concept code now public.
- Patched versions are available, and users are urged to upgrade immediately.
What Happened?
A major security flaw in the n8n workflow automation platform is now under public scrutiny, as researchers revealed that authenticated attackers can exploit the system to execute arbitrary code. The bug, tracked as CVE-2025-68613, was publicly disclosed on December 19, 2025, and is already drawing attention due to its widespread exposure and high impact.
🚨 A critical RCE vulnerability in certain versions of n8n allows an authenticated attacker to execute arbitrary code with the privileges of the n8n process. Exploitation could lead to full compromise of the affected instance.
🔴 CVSS 9.9
🛠️ Patch available — upgrade…
— Censys (@censysio) December 22, 2025
With a CVSS score of 9.9, this vulnerability ranks just below the highest severity level, and researchers have confirmed that more than 103,000 instances of n8n are exposed on the internet. A proof-of-concept (PoC) is already publicly available, further increasing the risk of mass exploitation.
Inside the Critical Flaw
The vulnerability stems from how n8n evaluates workflow expressions. According to the official advisory, the platform’s expression evaluation system fails to isolate user-supplied input from the underlying runtime environment. This allows authenticated users to inject malicious code during workflow configuration.
If exploited successfully, the attacker gains the same privileges as the n8n process, effectively allowing them to:
- Access sensitive data
- Modify existing workflows
- Execute system-level commands
- Fully compromise the entire instance
The issue affects all versions from 0.211.0 up to, but not including, the patched releases 1.120.4, 1.121.1, and 1.122.0.
Scope and Exposure
The impact of this vulnerability is massive. According to researchers from attack surface management firm Censys, there are approximately 103,476 potentially vulnerable n8n instances currently discoverable online. The highest concentrations are found in:
- United States
- Germany
- France
- Brazil
- Singapore
n8n is widely used across industries for automating workflows and processes. Its appeal lies in its support for over 400 integrations, AI features, and its flexible fair-code license, making it especially popular among technical teams and enterprises. However, this same popularity has now turned it into a high-value target.
Security Recommendations
The official advisory and multiple researchers stress the importance of patching immediately. n8n has addressed the flaw in the following patched releases:
- 1.120.4
- 1.121.1
- 1.122.0
For those unable to update right away, n8n advises:
- Limiting workflow creation and editing to trusted users only.
- Running the platform in a hardened environment with minimal operating system privileges.
- Restricting network access to the instance.
However, these steps are considered temporary and not sufficient to mitigate the risk entirely.
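The first practical step behind these recommendations is knowing which of your instances actually fall in the affected range. The script below is an added example for this article, not n8n's own tooling or the advisory's: it encodes the version data quoted above (affected from 0.211.0 up to, but not including, 1.120.4, 1.121.1 and 1.122.0) and, for each instance in an inventory, reports whether it is affected and which patched release on its line to move to. The instance names and versions are constructed sample data, and the treatment of pre-release tags (a 1.122.0 release candidate sorting below 1.122.0) is an assumption that follows semantic versioning rather than anything the advisory states.

```python
"""Triage n8n instance versions against the CVE-2025-68613 affected range.

Added example for this article, not n8n's own tooling. Version data is
taken from the advisory as quoted in the text; hostnames and versions in
SAMPLE_INVENTORY are constructed samples.
"""
import re

AFFECTED_FROM = "0.211.0"
# Patched releases per the advisory, keyed by release line (major, minor).
PATCHED = {(1, 120): "1.120.4", (1, 121): "1.121.1", (1, 122): "1.122.0"}

_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?")


def parse_version(text):
    """Parse 'MAJOR.MINOR.PATCH[-prerelease]' into a comparable tuple.

    Assumption (semver ordering): a pre-release sorts below the final
    release of the same number, so 1.122.0-rc.1 < 1.122.0.
    Returns None if the string is not a recognisable version.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.group(1, 2, 3))
    pre = m.group(4)
    # Fourth element: 0 for a pre-release, 1 for a final release.
    return (major, minor, patch, 0 if pre else 1, pre or "")


def fixed_version_for(version):
    """Return the patched release an instance should upgrade to, or None
    if its version is outside the affected range."""
    v = parse_version(version)
    if v is None:
        raise ValueError(f"unparseable version: {version!r}")
    if v < parse_version(AFFECTED_FROM):
        return None  # older than 0.211.0: not in the affected range
    line_fix = PATCHED.get((v[0], v[1]))
    if line_fix is not None:
        # Release line that received a backported fix: affected only if
        # the instance is below that line's patched release.
        return line_fix if v < parse_version(line_fix) else None
    # Any other version below the oldest fix (1.120.4) is affected and
    # 1.120.4 is the nearest patched release; later lines are not affected.
    oldest_fix = PATCHED[(1, 120)]
    return oldest_fix if v < parse_version(oldest_fix) else None


# Constructed sample inventory, not real hosts.
SAMPLE_INVENTORY = {
    "n8n-prod-01": "1.119.2",
    "n8n-prod-02": "1.120.4",
    "n8n-staging": "1.121.0",
    "n8n-dev": "v1.122.0-rc.1",
    "n8n-legacy": "0.210.9",
    "n8n-edge": "1.123.0",
}


def triage(inventory):
    """Map each instance name to (affected, upgrade_target_or_None)."""
    result = {}
    for name, ver in inventory.items():
        fix = fixed_version_for(ver)
        result[name] = (fix is not None, fix)
    return result


if __name__ == "__main__":
    for name, (affected, fix) in triage(SAMPLE_INVENTORY).items():
        status = f"AFFECTED -> upgrade to {fix}" if affected else "not affected"
        print(f"{name:14} {SAMPLE_INVENTORY[name]:14} {status}")
```

Feed it the output of `n8n --version` (or the image tag) from each host and treat every AFFECTED line as the upgrade list; instances reported as not affected still benefit from the hardening steps above, since those reduce blast radius independently of this bug.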
SQ Magazine Takeaway
Honestly, this is one of those rare moments in software where everything aligns for a perfect storm. We’ve got a critical bug, public exploit code, and over 100,000 systems wide open on the internet. If you’re using n8n and haven’t patched yet, you’re playing with fire. The fact that it only takes an authenticated user to hijack the entire system should set off every alarm bell. I strongly recommend treating this like a five-alarm emergency. Patch now. Lock down your instances. Audit your workflows. And do it fast.
