CVE-2025-68697
Privilege Escalation via Code Node in n8n Workflow Platform
Publication date: 2025-12-26
Last updated on: 2025-12-26
Assigner: GitHub, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| n8n | n8n | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-749 | The product provides an Applications Programming Interface (API) or similar interface for interaction with external actors, but the interface includes a dangerous method or function that is not properly restricted. |
| CWE-269 | The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects self-hosted n8n instances running versions prior to 2.0.0 when the Code node operates in legacy JavaScript execution mode. Authenticated users with workflow editing access can invoke internal helper functions within the Code node, allowing them to perform actions on the host system with the same privileges as the n8n process. This includes reading and writing files on the host filesystem, subject to configured file-access restrictions and OS/container permissions. The issue has been fixed in version 2.0.0.
How can this vulnerability impact me?
The vulnerability can allow an authenticated workflow editor to read sensitive files from the host filesystem or write files to it, potentially leading to unauthorized data access or modification. This could compromise the integrity and confidentiality of data on the host system, depending on the permissions of the n8n process. It may also enable further attacks if sensitive configuration or system files are accessed or altered.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately upgrade n8n to version 2.0.0 or later. If upgrading is not possible right away, apply the following workarounds:
- Limit file operations by setting the environment variable N8N_RESTRICT_FILE_ACCESS_TO to a dedicated directory (e.g., ~/.n8n-files) that contains no sensitive data.
- Ensure N8N_BLOCK_FILE_ACCESS_TO_N8N_FILES is set to true (the default) to block access to .n8n and user-defined config files.
- Disable high-risk nodes such as the Code node using NODES_EXCLUDE if workflow editors are not fully trusted.
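The upgrade check and the three workarounds above, as an added audit script that is not part of the advisory or of the n8n project: it takes an instance's version and environment and reports which mitigations are still missing. The Code node type identifier `n8n-nodes-base.code`, the JSON-array format of NODES_EXCLUDE and the treatment of N8N_RESTRICT_FILE_ACCESS_TO as a single directory are assumptions to verify against your own n8n build.

```python
"""Audit a self-hosted n8n environment for the CVE-2025-68697 workarounds.

Added example, not n8n project code. Assumed (not in the advisory): the Code node's
type id is "n8n-nodes-base.code" and NODES_EXCLUDE holds a JSON array of such ids.
"""
import json
import os
from typing import Dict, List, Tuple

FIXED_VERSION = (2, 0, 0)               # fixed release named in the advisory
CODE_NODE_TYPE = "n8n-nodes-base.code"  # assumed identifier, verify against your build
# Constructed set of roots that would defeat the purpose of a dedicated sandbox directory.
UNSAFE_ROOTS = {"/", "/etc", "/root", "/home", os.path.expanduser("~")}


def parse_version(text: str) -> Tuple[int, int, int]:
    """Turn 'v1.99.1' or '2.0.0-rc1' into a comparable (major, minor, patch) tuple."""
    core = text.strip().lstrip("v").split("-")[0].split("+")[0]
    nums = [int(p) for p in core.split(".")[:3]] + [0, 0, 0]
    return nums[0], nums[1], nums[2]


def assess_n8n_env(version: str, env: Dict[str, str]) -> List[str]:
    """Return findings for one instance; an empty list means nothing is left to do."""
    findings: List[str] = []
    if parse_version(version) >= FIXED_VERSION:
        return findings  # fixed release: the workarounds below are no longer needed
    findings.append(f"n8n {version} is before 2.0.0: upgrade")

    # Workaround 1: confine Code-node file operations to a dedicated, non-sensitive directory.
    restrict = env.get("N8N_RESTRICT_FILE_ACCESS_TO", "").strip()
    if not restrict:
        findings.append("N8N_RESTRICT_FILE_ACCESS_TO unset: file access is not confined")
    elif os.path.normpath(os.path.expanduser(restrict)) in UNSAFE_ROOTS:
        findings.append(f"N8N_RESTRICT_FILE_ACCESS_TO={restrict} is too broad to help")

    # Workaround 2: the default (true) shields .n8n and config files; flag an explicit opt-out.
    if env.get("N8N_BLOCK_FILE_ACCESS_TO_N8N_FILES", "true").strip().lower() == "false":
        findings.append("N8N_BLOCK_FILE_ACCESS_TO_N8N_FILES=false: n8n config files exposed")

    # Workaround 3: exclude the Code node entirely when workflow editors are not fully trusted.
    try:
        excluded = json.loads(env.get("NODES_EXCLUDE", "[]"))
        if not isinstance(excluded, list):
            raise ValueError("NODES_EXCLUDE is not a JSON array")
    except ValueError:
        findings.append("NODES_EXCLUDE is not a JSON array: fix it before relying on it")
        excluded = []
    if CODE_NODE_TYPE not in excluded:
        findings.append("Code node still enabled: add it to NODES_EXCLUDE if editors are untrusted")
    return findings
```

Run it against the output of `docker inspect` or the service's unit file environment; a patched 2.x instance yields no findings, a 1.x instance lists exactly which workarounds are absent.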