{"id":222682,"date":"2026-03-12T04:47:00","date_gmt":"2026-03-12T08:47:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/03\/12\/u-s-cisa-adds-a-flaw-in-n8n-to-its-known-exploited-vulnerabilities-catalog\/"},"modified":"2026-03-12T06:35:13","modified_gmt":"2026-03-12T10:35:13","slug":"u-s-cisa-adds-a-flaw-in-n8n-to-its-known-exploited-vulnerabilities-catalog","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/03\/12\/u-s-cisa-adds-a-flaw-in-n8n-to-its-known-exploited-vulnerabilities-catalog\/","title":{"rendered":"U.S. CISA adds a flaw in n8n to its Known Exploited Vulnerabilities catalog"},"content":{"rendered":"<p><a href=\"https:\/\/securityaffairs.com\/189326\/security\/u-s-cisa-adds-a-flaw-in-n8n-to-its-known-exploited-vulnerabilities-catalog.html\">U.S. CISA adds a flaw in n8n to its Known Exploited Vulnerabilities catalog<\/a><\/p>\n<p><a href=\"https:\/\/securityaffairs.com\/189326\/security\/u-s-cisa-adds-a-flaw-in-n8n-to-its-known-exploited-vulnerabilities-catalog.html\">https:\/\/securityaffairs.com\/189326\/security\/u-s-cisa-adds-a-flaw-in-n8n-to-its-known-exploited-vulnerabilities-catalog.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-12 04:47:00<\/a><\/p>\n<p>Source Domain: <a href=\"securityaffairs.com\">securityaffairs.com<\/a><\/p>\n<p><h2>U.S. CISA adds a flaw in n8n to its Known Exploited Vulnerabilities catalog<\/h2>\n<\/p>\n<p>\t\t\t\t\t\t\t<span> Pierluigi Paganini<\/span><br \/>\n\t\t\t\t\t\t\t<span><img decoding=\"async\" src=\"https:\/\/securityaffairs.com\/wp-content\/themes\/security_affairs\/images\/clock-icon.svg\" alt=\"\"\/> March 12, 2026<\/span><\/p>\n<p>\t\t\t\t\t\t<img decoding=\"async\" class=\"img-fluid mb-4\" src=\"https:\/\/i0.wp.com\/securityaffairs.com\/wp-content\/uploads\/2020\/07\/CISA.jpeg?fit=700%2C368&#038;ssl=1\" alt=\"\"\/><\/p>\n<h2 class=\"wp-block-heading\">The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in n8n to its Known Exploited Vulnerabilities catalog.<\/h2>\n<p>The U.S. Cybersecurity and Infrastructure Security Agency (CISA)\u00a0added\u00a0an n8n flaw, tracked as CVE-2025-68613 (CVSS score of 10.0), to its\u00a0Known Exploited Vulnerabilities (KEV) catalog.<\/p>\n<p>n8n is a workflow automation platform designed for technical teams that combines the flexibility of custom code with the speed and simplicity of no-code tools. It supports more than 400 integrations, includes native AI features, and uses a fair-code license, allowing organizations to build powerful automations while retaining full control over their data and deployment environments.<\/p>\n<p>In December 2025, researchers warned that a critical vulnerability, tracked as\u00a0<strong>CVE-2025-68613<\/strong>, in the\u00a0n8n\u00a0workflow automation platform could allow attackers to achieve arbitrary code execution under certain circumstances. The package gets about 57,000 downloads per week, according to npm statistics.<\/p>\n<p>\u201cn8n contains a critical Remote Code Execution (RCE) vulnerability in its workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime.\u201d\u00a0reads the advisory. \u201cAn authenticated attacker could abuse this behavior to execute arbitrary code with the privileges of the n8n process. Successful exploitation may lead to full compromise of the affected instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations.\u201d<\/p>\n<p>An authenticated attacker could exploit this weakness during workflow configuration to run arbitrary code with the same privileges&#8230;<\/p>\n<p><a href=\"https:\/\/securityaffairs.com\/189326\/security\/u-s-cisa-adds-a-flaw-in-n8n-to-its-known-exploited-vulnerabilities-catalog.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>U.S. CISA adds a flaw in n8n to its Known Exploited Vulnerabilities catalog https:\/\/securityaffairs.com\/189326\/security\/u-s-cisa-adds-a-flaw-in-n8n-to-its-known-exploited-vulnerabilities-catalog.html Publish&#8230;<\/p>\n","protected":false},"author":1,"featured_media":222683,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/securityaffairs.com\/wp-content\/uploads\/2020\/07\/CISA.jpeg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,31,27],"class_list":["post-222682","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-exploit","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/222682"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=222682"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/222682\/revisions"}],"predecessor-version":[{"id":222684,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/222682\/revisions\/222684"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/222683"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=222682"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=222682"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=222682"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}