CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Mar 25, 2026
Description
n8n contains an improper control of dynamically managed code resources vulnerability in its workflow expression evaluation system that allows for remote code execution.
EPSS — Exploit Probability
Higher than 98.9% of all CVEs
Required Action
https://github.com/n8n-io/n8n/security/advisories/GHSA-v98v-ff95-f3cp ; https://nvd.nist.gov/vuln/detail/CVE-2025-68613
Related Articles (6)
⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware
Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.
Mar 9, 2026
⚡ Weekly Recap: SD-WAN 0-Day, Critical CVEs, Telegram Probe, Smart TV Proxy SDK and More
Weekly cybersecurity recap covering active exploits, AI abuse, exposed cloud assets, critical CVEs, and evolving threat trends.
Mar 2, 2026
CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed
CISA adds n8n RCE flaw CVE-2025-68613 to KEV after active exploitation; 24,700 exposed instances raise compromise risk.
Mar 12, 2026
CISA orders feds to patch n8n RCE flaw exploited in attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies on Wednesday to patch their systems against an actively exploited n8n vulnerability.
Mar 11, 2026
In Other News: N8n Flaw Exploited, Slopoly Malware, Interpol Cybercrime Crackdown
Other noteworthy stories that might have slipped under the radar: Telus Digital data breach, vulnerabilities in Linux AppArmor allow root privileges, US defense contractor behind Coruna exploits.
Mar 13, 2026
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
Mar 11, 2026
Risk Assessment
HIGHDetails
- Severity
- High
- EPSS
- 76.9%
- CISA KEV
- Yes
- Ransomware
- Unknown
- Articles
- 6
Timeline
Published
Mar 11, 2026
Added to KEV
Mar 11, 2026
Remediation Due
Mar 25, 2026