THREAT SENTINEL
Back to Dashboard
VulnerabilitiesCritical

CVE-2025-68613: n8n Improper Control of Dynamically-Managed Code Resources Vulnerability

Tuesday, March 17, 2026
Global
CISA KEV Catalog - CVE-2025-68613

Summary

n8n contains an improper control of dynamically managed code resources vulnerability in its workflow expression evaluation system that allows for remote code execution. This vulnerability is actively exploited in the wild.

Threat Analysis

CISA has added CVE-2025-68613 to its Known Exploited Vulnerabilities catalog. n8n contains an improper control of dynamically managed code resources vulnerability in its workflow expression evaluation system that allows for remote code execution. Affected Product: n8n by n8n. Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Due Date: 2026-03-25. This vulnerability poses a significant risk as it is being actively exploited by threat actors. Organizations using affected products should prioritize patching immediately to prevent potential compromise.

Last updated: Mar 17, 2026, 09:23 AM

Daily Intelligence

Stay Ahead of Threats

Subscribe to receive daily threat briefings delivered to your inbox. Be the first to know about emerging security risks.

No spamUnsubscribe anytimeDaily at 9 AM