The Hacker News

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

Critical n8n flaw CVE-2025-68668 allows authenticated users to run system commands via workflows; affects versions 1.0.0 to ...
Cybernews

When workflows go rogue: critical n8n vulnerability opens door to system commands

The flaw allows authenticated n8n users with workflow-creation or modification permissions to bypass the intended security sandbox.