PT-2026-6262 · N8N · N8N

Fatihhcelik +2 · Published 2026-02-04 · Updated 2026-02-06 · CVE-2026-25053

CVSS v3.1: 9.9 Critical

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

n8n versions prior to 1.123.10
n8n versions prior to 2.5.0

Description

n8n, an open source workflow automation platform, contains a flaw in the Git node. This allows authenticated users with create or modify permissions for workflows to execute arbitrary system commands or read arbitrary files on the n8n host. The issue impacts systems where users have the ability to create or modify workflows. No information is available regarding the number of potentially affected devices worldwide or any real-world incidents of exploitation. The Git node is a component used for interacting with Git repositories. The Git node allows users to perform actions such as cloning, pulling, and pushing changes to Git repositories.

Recommendations

Upgrade to n8n version 1.123.10 or later.
Upgrade to n8n version 2.5.0 or later.
If upgrading is not immediately possible, limit workflow creation and editing permissions to fully trusted users only.
If upgrading is not immediately possible, restrict or disable access to the Git node if it is not essential for operations.
If upgrading is not immediately possible, deploy n8n in a hardened environment with restricted operating system privileges and network access.

Exploit

Fix

Weakness Enumeration

OS Command Injection

Related Identifiers

BDU:2026-02168
CVE-2026-25053
GHSA-9G95-QF3F-GGRW

Affected Products

N8N