CVE Tracker

CVE ID	Severity	EPSS	Vendor	Description	Date	Status
CVE-2026-27497(2)	Info	0.1%	—	Referenced in article: Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials	Mar 28, 2026	—
CVE-2026-27495(2)	Info	0.1%	—	Referenced in article: Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials	Mar 28, 2026	—
CVE-2026-27493(3)	Info	0.2%	—	Referenced in article: Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials	Mar 28, 2026	—
CVE-2026-25049(1)	Info	0.0%	—	Referenced in article: Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials	Mar 28, 2026	—
CVE-2026-27577(4)	Info	0.1%	—	Referenced in article: CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed	Mar 28, 2026	—
CVE-2025-68613(6)	High	76.9%	n8nn8n	n8n contains an improper control of dynamically managed code resources vulnerability in its workflow expression evaluation system that allows for remote code execution.	Mar 11, 2026	KEV

CVE-2026-27497

Info

Referenced in article: Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

EPSS 0.1%

CVE-2026-27495

Info

Referenced in article: Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

EPSS 0.1%

CVE-2026-27493

Info

Referenced in article: Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

EPSS 0.2%

CVE-2026-25049

Info

Referenced in article: Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

EPSS 0.0%

CVE-2026-27577

Info

Referenced in article: CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed

EPSS 0.1%

CVE-2025-68613KEV

High

n8n contains an improper control of dynamically managed code resources vulnerability in its workflow expression evaluation system that allows for remote code execution.

n8nEPSS 76.9%