THREAT SENTINEL
Back to Dashboard
VulnerabilitiesCritical

CISA KEV: CVE-2025-68613 - n8n Improper Control of Dynamically-Managed Code Resources Vulnerability

Monday, March 16, 2026
Global
CISA KEV Catalog - CVE-2025-68613

Summary

n8n contains an improper control of dynamically managed code resources vulnerability in its workflow expression evaluation system that allows for remote code execution. This vulnerability is actively exploited in the wild.

Threat Analysis

The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-68613 to its Known Exploited Vulnerabilities catalog, confirming active exploitation. n8n contains an improper control of dynamically managed code resources vulnerability in its workflow expression evaluation system that allows for remote code execution. Affected vendor: n8n. Product: n8n. Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.. Due date: 2026-03-25. Organizations should prioritize patching this vulnerability immediately to prevent potential compromise.

Last updated: Mar 16, 2026, 09:34 AM

Daily Intelligence

Stay Ahead of Threats

Subscribe to receive daily threat briefings delivered to your inbox. Be the first to know about emerging security risks.

No spamUnsubscribe anytimeDaily at 9 AM