CNNVD-202512-3773 Information
CNNVD ID
CNNVD-202512-3773
Related CVE
- CNNVD Published: 2025-12-19
Description (Chinese)
n8n是n8n开源的一个可扩展的工作流自动化工具。 n8n 0.211.0版本至1.120.4版本、1.121.1版本和1.122.0版本之前版本存在安全漏洞,该漏洞源于工作流表达式评估系统隔离不足,可能导致远程代码执行。
Description (English)
n8n is an expanded workflow automation tool for n8n open source. No8n 0.211.0 to 1.120.4, 1.121.1 and 1.12.2. There is a security loophole in the pre-versions, which stems from inadequate segregation of the workflow expression assessment system, which may lead to remote code implementation.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
n8n
Published
2025-12-19
Last Modified
2026-02-24
References
https://github.com/n8n-io/n8n/commit/39a2d1d60edde89674ca96dcbb3eb076ffff6316 https://github.com/n8n-io/n8n/security/advisories/GHSA-v98v-ff95-f3cp https://github.com/n8n-io/n8n/commit/1c933358acef527ff61466e53268b41a04be1000 https://github.com/n8n-io/n8n/commit/08f332015153decdda3c37ad4fcb9f7ba13a7c79 https://access.redhat.com/security/cve/cve-2025-68613 https://cxsecurity.com/issue/WLB-2026010008
Patch
https://github.com/n8n-io/n8n/releases
Share on: