COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2025-68613

CVE-2025-68613

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2026-03-11
Reference
https://nvd.nist.gov/vuln/detail/CVE-2025-68613
⚡ RCE ⌖ exploited in the wild shame 85/100 rceexploited-in-wildsupply-chain

n8n workflow expression evaluation allows remote code execution via dynamically managed code resources.

This vulnerability enables remote code execution in n8n's workflow engine, allowing attackers to execute arbitrary code within the application context. DIB organizations using n8n face immediate exposure to ransomware or data theft if the workflow system is compromised, and the active exploitation status indicates urgent remediation is required to prevent unauthorized access.

Shame score — Active exploitation status combined with remote code execution in a workflow engine used by defense contractors creates high risk of unauthorized access and data theft.

Players implicated

n8n · vendorn8n · product

Description

n8n contains an improper control of dynamically managed code resources vulnerability in its workflow expression evaluation system that allows for remote code execution.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.