Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-68613
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
n8n Vulnerable to Remote Code Execution via Expression Injection
Source: NVD (National Vulnerability Database)
Vulnerability Description
n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulnerability in their workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An authenticated attacker could abuse this behavior to execute arbitrary code with the privileges of the n8n process. Successful exploitation may lead to full compromise of the affected instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations. This issue has been fixed in versions 1.120.4, 1.121.1, and 1.122.0. Users are strongly advised to upgrade to a patched version, which introduces additional safeguards to restrict expression evaluation. If upgrading is not immediately possible, administrators should consider the following temporary mitigations: Limit workflow creation and editing permissions to fully trusted users only; and/or deploy n8n in a hardened environment with restricted operating system privileges and network access to reduce the impact of potential exploitation. These workarounds do not fully eliminate the risk and should only be used as short-term measures.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
动态管理代码资源的控制不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
n8n 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
n8n是n8n开源的一个可扩展的工作流自动化工具。 n8n 0.211.0版本至1.120.4版本、1.121.1版本和1.122.0版本之前版本存在安全漏洞,该漏洞源于工作流表达式评估系统隔离不足,可能导致远程代码执行。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
n8n-ion8n >= 0.211.0, < 1.120.4 -
II. Public POCs for CVE-2025-68613
#POC DescriptionSource LinkShenlong Link
1Detection for CVE-2025-68613https://github.com/rxerium/CVE-2025-68613POC Details
2CVE-2025-68613https://github.com/Ashwesker/Blackash-CVE-2025-68613POC Details
3Public PoC + Scanner and research for CVE-2025-68613: Critical RCE in n8n Workflow Automation via Expression Injection (CVSS 10.0). Includes detection tools, full exploit, and remediation guidance.https://github.com/TheStingR/CVE-2025-68613-POCPOC Details
4CVE-2025-68613: n8n RCE vulnerability exploit and documentationhttps://github.com/wioui/n8n-CVE-2025-68613-exploitPOC Details
5通过GitHub Copilot 辅助分析CVE-2025-68613漏洞https://github.com/intbjw/CVE-2025-68613-poc-via-copilotPOC Details
6Nonehttps://github.com/ali-py3/Exploit-CVE-2025-68613POC Details
7This repository contains a laboratory-grade analysis and a **safe Proof-of-Concept** for the vulnerability **CVE-2025-68613**, affecting the workflow automation platform **n8n**.https://github.com/nehkark/CVE-2025-68613POC Details
8My poc to exploit this vuln :Dhttps://github.com/GnuTLam/POC-CVE-2025-68613POC Details
9n8n < 1.120.4, 1.121.1, 1.122.0 contains a remote code execution caused by insufficient isolation in workflow expression evaluation, letting authenticated attackers execute arbitrary code with n8n process privileges. Exploit requires authentication. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-68613.yamlPOC Details
10基于Pocsuite3 框架编写的漏洞验证与利用脚本,用于检测 n8n工作流自动化工具中的认证后远程代码执行漏洞(RCE)https://github.com/secjoker/CVE-2025-68613POC Details
11Analysis of CVE-2025-68613https://github.com/r4j3sh-com/CVE-2025-68613-n8n-labPOC Details
12Nonehttps://github.com/intelligent-ears/CVE-2025-68613POC Details
13GUI Shodan-powered scanner to identify n8n instances exposed to CVE-2025-68613 (version range 0.211.0–1.122.0)https://github.com/manyaigdtuw/CVE-2025-68613_ScannerPOC Details
14Remote Code Execution via n8n Workflows (Based on CVE-2025-68613)https://github.com/AbdulRKB/n8n-RCEPOC Details
15Python Exploit for CVE-2025-68613.https://github.com/JohannesLks/CVE-2025-68613-Python-ExploitPOC Details
16n8n God Mode Ultimate - CVE-2025-68613 Scanner v1.0.0 ║ ║ Workflow Automation Remote Code Execution https://github.com/hackersatyamrastogi/n8n-exploit-CVE-2025-68613-n8n-God-Mode-UltimatePOC Details
17Proof-of-Concept exploit for CVE-2025-68613: Authenticated Remote Code Execution in n8n via Expression Injectionhttps://github.com/mbanyamer/n8n-Authenticated-Expression-Injection-RCE-CVE-2025-68613POC Details
18Technical study of the CVE-2025-68613 vulnerability in n8n, covering affected versions, laboratory exploration scenario, offensive and defensive analysis, and mitigation strategies.https://github.com/releaseown/Analysis-n8n-CVE-2025-68613POC Details
19Nonehttps://github.com/Dlanang/homelab-CVE-2025-68613POC Details
20Nonehttps://github.com/Khin-96/n8n-cve-2025-68613-thmPOC Details
21The minor methodology for room: https://tryhackme.com/room/n8ncve202568613https://github.com/J4ck3LSyN-Gen2/n8n-CVE-2025-68613-TryHackMePOC Details
22CVE-2025-68613 (n8n) Critical RCE analysis + defensive recommendations (patch validation, detection ideas, and hardening tips)https://github.com/Ak-cybe/CVE-2025-68613-n8n-rce-analysisPOC Details
23This laboratory provides a controlled environment to analyze and reproduce CVE-2025-68613 in a vulnerable n8n instance.https://github.com/LingerANR/n8n-CVE-2025-68613POC Details
24POC for CVE-2025-68613https://github.com/reem-012/poc_CVE-2025-68613POC Details
25Technical study of the CVE-2025-68613 vulnerability in n8n, covering affected versions, laboratory exploration scenario, offensive and defensive analysis, and mitigation strategies.https://github.com/releaseown/analysis-and-poc-n8n-CVE-2025-68613POC Details
26n8n CVE-2025-68613https://github.com/gagaltotal/n8n-cve-2025-68613POC Details
27CVE-2025-68613https://github.com/Ashwesker/Ashwesker-CVE-2025-68613POC Details
28Nonehttps://github.com/cv-sai-kamesh/n8n-CVE-2025-68613POC Details
29n8n RCE (CVE-2025-68613) - Proof of Concepthttps://github.com/ahmedshamsddin/n8n-RCE-CVE-2025-68613POC Details
30Expression injection payloads for n8n CVE-2025-68613 RCEhttps://github.com/TheInterception/n8n_CVE-2025-68613_exploit_payloadsPOC Details
31Lab for CVE-2025-68613 n8n RCEhttps://github.com/shibaaa204/CVE-2025-68613POC Details
32Nonehttps://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/n8n%20%E8%A1%A8%E8%BE%BE%E5%BC%8F%E6%B2%99%E7%AE%B1%E9%80%83%E9%80%B8%E5%AF%BC%E8%87%B4%E8%BF%9C%E7%A8%8B%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2025-68613.mdPOC Details
33CVE-2025-68613https://github.com/sahilccras/Blackash-CVE-2025-68613POC Details
34Nonehttps://github.com/Rishi-kaul/n8n-CVE-2025-68613POC Details
35Relatório TryHackMe — n8n CVE-2025-68613 (CVSS 9.9)https://github.com/Victorhugofariasvieir66/relatorio-n8n.mdPOC Details
36https://github.com/vulhub/vulhub/blob/master/n8n/CVE-2025-68613/README.mdPOC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2025-68613
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same product: n8n
Same vendor: n8n-io
Same weakness: CWE-913
V. Comments for CVE-2025-68613

No comments yet

Leave a comment