Exposures › CVE-2025-68613
n8n workflow expression evaluation allows remote code execution via dynamically managed code resources.
This vulnerability enables remote code execution in n8n's workflow engine, allowing attackers to execute arbitrary code within the application context. DIB organizations using n8n face immediate exposure to ransomware or data theft if the workflow system is compromised, and the active exploitation status indicates urgent remediation is required to prevent unauthorized access.
Shame score — Active exploitation status combined with remote code execution in a workflow engine used by defense contractors creates high risk of unauthorized access and data theft.
n8n contains an improper control of dynamically managed code resources vulnerability in its workflow expression evaluation system that allows for remote code execution.
No correlated FedRAMP products.