Remote Code Execution Vulnerability in n8n Workflow Automation Platform
CVE-2025-65964
What is CVE-2025-65964?
CVE-2025-65964 is a critical remote code execution (RCE) vulnerability in the n8n Workflow Automation Platform, an open-source tool for automating tasks and workflows across multiple applications and services. The platform lets users build complex workflows by integrating different software and services, streamlining operations within organizations. The vulnerability stems from inadequate protection, in versions 0.123.1 through 1.119.1, of the Git-related configuration that n8n manages, specifically its pre-commit hooks. An attacker who can manipulate workflow configuration can set a malicious Git hook that executes arbitrary commands on the n8n host. This kind of exploitation can significantly disrupt operations and compromise systems if an attacker gains the ability to modify or create workflows within n8n.
Potential impact of CVE-2025-65964
- Unauthorized Remote Access: The RCE vulnerability allows threat actors to execute arbitrary commands on the affected n8n instance. If exploited, this could lead to unauthorized access, giving attackers potential control over sensitive data and system functionality.
- Data Breach and Loss: With the ability to run arbitrary commands, attackers may exfiltrate, alter, or delete critical data. This poses a risk of significant data breaches, potentially impairing business operations and leading to regulatory consequences.
- Widespread System Compromise: Because n8n often interacts with many services and applications, exploiting this vulnerability could allow a breach to escalate across interconnected systems, affecting not just the n8n host but also other integrated components in the organization's infrastructure.
Affected Version(s)
n8n >= 0.123.1, < 1.119.2
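As an added example (not code from this page or from the n8n project), a small Python audit that checks whether an n8n version string falls inside the affected range above and reports live Git hook scripts, or a core.hooksPath override, in a repository's .git directory. The hook names, the temp-directory layout in demo() and the sample config are constructed for illustration; which repository n8n's source-control feature uses is an assumption the operator must fill in.

```python
import re
import tempfile
from pathlib import Path

# Affected range stated in the advisory: n8n >= 0.123.1 and < 1.119.2.
AFFECTED_MIN = (0, 123, 1)
FIXED_IN = (1, 119, 2)
# Hooks Git runs automatically around a commit or push (constructed watch-list).
HOOK_NAMES = {"pre-commit", "prepare-commit-msg", "commit-msg", "post-commit", "pre-push"}

def parse_version(text: str) -> tuple:
    """Turn '1.119.1', 'v1.119.1' or '1.119.2-rc.1' into a comparable (major, minor, patch) tuple."""
    m = re.match(r"^v?(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised n8n version: {text!r}")
    return tuple(int(x) for x in m.groups())

def is_affected(version: str) -> bool:
    """True when the running n8n version is inside the range the advisory lists."""
    return AFFECTED_MIN <= parse_version(version) < FIXED_IN

def audit_git_dir(git_dir) -> dict:
    """Report live hook scripts and any core.hooksPath override found in a .git directory."""
    git_dir = Path(git_dir)
    hooks_dir = git_dir / "hooks"
    hooks = []
    if hooks_dir.is_dir():
        # Git ships inert '*.sample' files; only a file named exactly like a hook is live.
        hooks = sorted(p.name for p in hooks_dir.iterdir()
                       if p.is_file() and p.name in HOOK_NAMES)
    hooks_path = None
    config = git_dir / "config"
    if config.is_file():
        # core.hooksPath redirects hook lookup, so an empty hooks/ dir alone proves nothing.
        m = re.search(r"^\s*hooksPath\s*=\s*(.+)$", config.read_text(), re.MULTILINE | re.IGNORECASE)
        hooks_path = m.group(1).strip() if m else None
    return {"active_hooks": hooks, "hooks_path": hooks_path}

def demo() -> dict:
    """Build a constructed .git layout in a temp dir and audit it (sample data, not a real n8n install)."""
    with tempfile.TemporaryDirectory() as tmp:
        git_dir = Path(tmp) / ".git"
        (git_dir / "hooks").mkdir(parents=True)
        (git_dir / "hooks" / "pre-commit").write_text("#!/bin/sh\necho constructed sample hook\n")
        (git_dir / "hooks" / "pre-push.sample").write_text("#!/bin/sh\n")  # inert Git sample file
        (git_dir / "config").write_text("[core]\n\trepositoryformatversion = 0\n\thooksPath = /tmp/constructed-hooks\n")
        return audit_git_dir(git_dir)

if __name__ == "__main__":
    print(is_affected("1.119.1"), is_affected("1.119.2"), demo())
```

A non-empty active_hooks list or a hooks_path value on an n8n host is a finding to review, not proof of compromise; compare it against what the operator deliberately configured.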
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which can lead to ransomware.
Timeline
- Vulnerability started trending
- Public PoC available
- Exploit known to exist
- Vulnerability published
- Vulnerability reserved
