CVE-2025-68697
CVE-2025-68697 is a high-severity vulnerability in N8n with a CVSS 3.x base score of 7.1. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-269.
Key facts
- Severity: High (CVSS 3.x base score 7.1)
- EPSS exploit prediction: 0% (15th percentile)
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2025-205453
- Weakness: CWE-269
- Affected product: N8n
- Published:
- Last modified:
Description
n8n is an open source workflow automation platform. Prior to version 2.0.0, in self-hosted n8n instances where the Code node runs in legacy (non-task-runner) JavaScript execution mode, authenticated users with workflow editing access can invoke internal helper functions from within the Code node. This allows a workflow editor to perform actions on the n8n host with the same privileges as the n8n process, including: reading files from the host filesystem (subject to any file-access restrictions configured on the instance and OS/container permissions), and writing files to the host filesystem (subject to the same restrictions). This issue has been patched in version 2.0.0. Workarounds for this issue involve limiting file operations by setting N8N_RESTRICT_FILE_ACCESS_TO to a dedicated directory (e.g., ~/.n8n-files) and ensure it contains no sensitive data, keeping N8N_BLOCK_FILE_ACCESS_TO_N8N_FILES=true (default) to block access to .n8n and user-defined config files, and disabling high-risk nodes (including the Code node) using NODES_EXCLUDE if workflow editors are not fully trusted.
Frequently asked questions
- What is CVE-2025-68697?
- n8n is an open source workflow automation platform. Prior to version 2.0.0, in self-hosted n8n instances where the Code node runs in legacy (non-task-runner) JavaScript execution mode, authenticated users with workflow editing access can invoke internal helper functions from within the Code node. This allows a workflow editor to perform actions on the n8n host with the same privileges as the n8n process, including: reading files from the host filesystem (subject to any file-access restrictions configured on the instance and OS/container permissions), and writing files to the host filesystem (subject to the same restrictions). This issue has been patched in version 2.0.0. Workarounds for this issue involve limiting file operations by setting N8N_RESTRICT_FILE_ACCESS_TO to a dedicated directory (e.g., ~/.n8n-files) and ensure it contains no sensitive data, keeping N8N_BLOCK_FILE_ACCESS_TO_N8N_FILES=true (default) to block access to .n8n and user-defined config files, and disabling high-risk nodes (including the Code node) using NODES_EXCLUDE if workflow editors are not fully trusted.
- How severe is CVE-2025-68697?
- CVE-2025-68697 has a CVSS 3.x base score of 7.1, rated high severity. It is exploitable over network with low attack complexity, requires low privileges and no user interaction. Impact on confidentiality is low, integrity high, and availability none.
- Is CVE-2025-68697 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (15th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2025-68697?
- CVE-2025-68697 affects N8n. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2025-68697?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its high severity, prioritise patching exposed systems.
- Does CVE-2025-68697 have an EU (EUVD) identifier?
- Yes. CVE-2025-68697 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2025-205453.
- When was CVE-2025-68697 published?
- CVE-2025-68697 was published on 2025-12-26 and last updated on 2026-06-17.
References
Affected products (1)
- cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:*
More vulnerabilities in N8n
- CVE-2026-54309 — Critical (CVSS 10.0): n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, when @n8n/mcp-browser is run in HTTP…
- CVE-2026-21858 — Critical (CVSS 10.0): n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker…
- CVE-2026-54305 — Critical (CVSS 9.9): n8n is an open source workflow automation platform. Prior to 1.123.55, 2.25.7, and 2.26.2, three EE endpoints used by…
- CVE-2026-44791 — Critical (CVSS 9.9): n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with…
- CVE-2026-44789 — Critical (CVSS 9.9): n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with…
- CVE-2026-54310 — Critical (CVSS 9.9): n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, an authenticated user with permission…
Other CWE-269 (Improper Privilege Management) vulnerabilities
- CVE-2026-31852 — Critical (CVSS 10.0): Jellyfin is an open-source media system. The code-quality.yml GitHub Actions workflow in jellyfin/jellyfin-ios is…
- CVE-2025-20282 — Critical (CVSS 10.0): A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to…
- CVE-2025-0505 — Critical (CVSS 10.0): On Arista CloudVision systems (virtual or physical on-premise deployments), Zero Touch Provisioning can be used to gain…
- CVE-2023-48418 — Critical (CVSS 10.0): In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb before SUW…
- CVE-2023-48419 — Critical (CVSS 10.0): An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in Elevation of Privilege
- CVE-2023-31273 — Critical (CVSS 10.0): Protection mechanism failure in some Intel DCM software before version 5.2 may allow an unauthenticated user to…
Browse all CWE-269 (Improper Privilege Management) vulnerabilities →