Critical vulnerability in n8n workflow platform could allow code execution (CVE-2025-68613)

A critical security vulnerability has been disclosed in the n8n workflow automation platform that can, in some circumstances, allow arbitrary code execution. The flaw is tracked as CVE-2025-68613 and carries a CVSS score of 9.9 out of 10. The package registers roughly 57,000 weekly downloads on npm.

The maintainers warned that “expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime,” and published an advisory on GitHub for the npm package. An authenticated attacker could exploit this behavior to run arbitrary code with the privileges of the n8n process, potentially leading to full compromise of an instance.

The vulnerability affects n8n versions from 0.211.0 up to, but not including, 1.120.4, and has been patched in versions 1.120.4, 1.121.1 and 1.122.0. The attack surface management platform Censys reported 103,476 potentially vulnerable instances as of Dec. 22, 2025, with the largest concentrations in the U.S., Germany, France, Brazil and Singapore.
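As an added illustration (not code from the article or the n8n project), the following Python encodes the version figures quoted above so an administrator can check a deployed version string against them; the accepted version-string format and the upgrade-target logic are assumptions, and the affected range and patched releases are taken from the article.

```python
"""Check an n8n version string against the CVE-2025-68613 figures quoted above.

Added example, not from the article or the n8n project. The affected range and
the list of patched releases come from the article; everything else is assumed.
"""
import re
from typing import Optional, Tuple

Version = Tuple[int, int, int]

# From the article: affected >= 0.211.0 and < 1.120.4; fixed in these releases.
FIRST_AFFECTED: Version = (0, 211, 0)
FIRST_FIXED: Version = (1, 120, 4)
PATCHED_RELEASES = [(1, 120, 4), (1, 121, 1), (1, 122, 0)]

_SEMVER = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:[-+].*)?$")


def parse_version(text: str) -> Version:
    """Parse a version string such as '1.120.3' or 'v1.121.1-rc.1' (a package.json
    field, image tag or CLI output). Pre-release/build suffixes are ignored, which
    is the conservative choice for a check (assumption)."""
    match = _SEMVER.match(text.strip())
    if not match:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(part) for part in match.groups())
    return (major, minor, patch)


def is_in_affected_range(version: Version) -> bool:
    """Apply the article's stated range: 0.211.0 <= version < 1.120.4."""
    return FIRST_AFFECTED <= version < FIRST_FIXED


def upgrade_target(version: Version) -> Optional[Version]:
    """Smallest patched release to move to, or None if already patched.

    A version on the same minor line as a patched release (1.120.x, 1.121.x,
    1.122.x) is compared with that point release; any other version is pointed
    at the next patched release above it. Note that 1.121.0 falls outside the
    article's stated range yet sits below the 1.121.1 patch release, so confirm
    such versions against the vendor advisory rather than treating them as safe."""
    for patched in PATCHED_RELEASES:
        if patched[:2] == version[:2]:
            return patched if version < patched else None
    later = [p for p in PATCHED_RELEASES if p > version]
    return min(later) if later else None


def assess(text: str) -> dict:
    """Combine both checks for one version string and report an upgrade target."""
    version = parse_version(text)
    target = upgrade_target(version)
    return {
        "version": ".".join(map(str, version)),
        "in_article_range": is_in_affected_range(version),
        "upgrade_to": ".".join(map(str, target)) if target else None,
    }
```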

Users are advised to apply the available updates as soon as possible. Where immediate patching is not feasible, administrators should restrict workflow creation and editing to trusted users and run n8n in a hardened environment with constrained operating system privileges and limited network access to reduce risk.