N8n security patch for CVE-2025-68613
Security Patch Release
Summary
Hide ▲
Show ▼
n8n released fixes for CVE-2025-68613, a critical flaw in its workflow automation platform that could allow arbitrary code execution. The update covers versions >= 0.211.0 and < 1.120.4, with fixes shipped in 1.120.4, 1.121.1, and 1.122.0. Users are urged to apply the updates as soon as possible; if patching is delayed, restricting workflow creation and editing to trusted users and hardening the runtime can reduce risk.
Related Happenings
Fortinet security patch release for CVE-2026-39813
Security Patch Release
H score41
First: 16.06.2026 12:19
Last: 16.06.2026 12:19
Sources 1
About this happening:
**Fortinet** released **April 14** security updates for **FortiSandbox**, covering **CVE-2026-39813**, **CVE-2026-39808**, and **CVE-2026-25089**. The patch release fixes **three...
Fortinet security patch release for CVE-2026-39813
Security Patch ReleaseAbout this happening: **Fortinet** released **April 14** security updates for **FortiSandbox**, covering **CVE-2026-39813**, **CVE-2026-39808**, and **CVE-2026-25089**. The patch release fixes **three...
SimpleHelp security update for CVE-2026-48558
Security Patch Release
H score65
First: 15.06.2026 23:06
Last: 15.06.2026 23:06
Sources 1
About this happening:
**SimpleHelp** released **5.5.16** and **6.0 RC2** on **June 9** to fix **CVE-2026-48558**, a critical **OIDC** authentication flaw in **SimpleHelp remote management software** th...
SimpleHelp security update for CVE-2026-48558
Security Patch ReleaseAbout this happening: **SimpleHelp** released **5.5.16** and **6.0 RC2** on **June 9** to fix **CVE-2026-48558**, a critical **OIDC** authentication flaw in **SimpleHelp remote management software** th...
Langflow security patch release for CVE-2026-5027
Security Patch Release
H score38
First: 11.06.2026 00:23
Last: 11.06.2026 00:23
Sources 1
About this happening:
**Langflow** shipped fixes for **CVE-2026-5027**, closing a **path traversal** flaw that let attackers write arbitrary files on exposed servers. The patch landed in **langflow-bas...
Langflow security patch release for CVE-2026-5027
Security Patch ReleaseAbout this happening: **Langflow** shipped fixes for **CVE-2026-5027**, closing a **path traversal** flaw that let attackers write arbitrary files on exposed servers. The patch landed in **langflow-bas...
Veeam security patch release for CVE-2026-44963
Security Patch Release
H score79
First: 09.06.2026 17:27
Last: 09.06.2026 17:27
Sources 1
About this happening:
**Veeam** released security updates for **Veeam Backup & Replication** to fix **CVE-2026-44963**, a critical flaw that could enable **remote code execution** on **domain-joined ba...
Veeam security patch release for CVE-2026-44963
Security Patch ReleaseAbout this happening: **Veeam** released security updates for **Veeam Backup & Replication** to fix **CVE-2026-44963**, a critical flaw that could enable **remote code execution** on **domain-joined ba...
Cisco Secure Workload REST API patch release (CVE-2026-20223)
Security Patch Release
H score55
First: 22.05.2026 08:36
Last: 22.05.2026 08:36
Sources 1
About this happening:
Cisco patched **CVE-2026-20223**, a **CVSS 10.0** Secure Workload REST API flaw that could expose sensitive data and allow configuration changes across tenant boundaries. The upda...
Cisco Secure Workload REST API patch release (CVE-2026-20223)
Security Patch ReleaseAbout this happening: Cisco patched **CVE-2026-20223**, a **CVSS 10.0** Secure Workload REST API flaw that could expose sensitive data and allow configuration changes across tenant boundaries. The upda...
Timeline
-
23.12.2025 09:34 2 articles · 6mo ago
n8n releases fixes for CVE-2025-68613
Mitigation Patch Updaten8n disclosed CVE-2025-68613, a critical vulnerability in the workflow automation platform that could let an authenticated attacker execute arbitrary code with the privileges of the n8n process when workflow configuration expressions are evaluated in an insufficiently isolated execution context. The affected range covers versions >= 0.211.0 and < 1.120.4, and fixes were released in 1.120.4, 1.121.1, and 1.122.0 to reduce the risk of full compromise, unauthorized access to sensitive data, workflow modification, and system-level operations.
Show sources
- Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances — thehackernews.com — 23.12.2025 09:34
- Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances — thehackernews.com — 23.12.2025 09:34