CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Mar 25, 2026

CVE-2025-68613

High

EPSS 76.9%CISA KEV

Description

n8n contains an improper control of dynamically managed code resources vulnerability in its workflow expression evaluation system that allows for remote code execution.

EPSS — Exploit Probability

76.9%

Higher than 98.9% of all CVEs

Required Action

https://github.com/n8n-io/n8n/security/advisories/GHSA-v98v-ff95-f3cp ; https://nvd.nist.gov/vuln/detail/CVE-2025-68613

Risk Assessment

HIGH

In CISA KEV

High EPSS

Details

Severity: High
EPSS: 76.9%
CISA KEV: Yes
Ransomware: Unknown
Articles: 0

Timeline

Published

Mar 11, 2026

Added to KEV

Mar 11, 2026

Remediation Due

Mar 25, 2026

Affected Product

n8n

View all n8n CVEs

External Links

NVD (NIST)CVE Details MITRE CVE