Researchers have released details about a critical vulnerability that was silently patched in n8n, a platform used by many companies to build LLM-powered agents and automated workflows. The flaw can allow unauthenticated attackers to completely take over local n8n deployments, execute commands on the underlying system, and extract the sensitive corporate data that workflows typically have access to.
“The blast radius of a compromised n8n is very large,” researchers from data security company Cyera, who discovered the vulnerability, noted in their report on the flaw. “n8n is connecting various systems: your organizational Google Drive, OpenAI API keys, Salesforce data, IAM systems, payment processors, customer databases, CI/CD pipelines, and more. It’s the central nervous system of your automation infrastructure.”
The n8n developers patched this issue in version 1.121.0, released on Nov. 18, but the release notes did not mention security fixes at the time, which appears to be standard procedure, as n8n security advisories are intentionally published with a delay. The project has patched other critical RCE vulnerabilities since then, such as CVE-2025-68613, CVE-2025-68668, and CVE-2026-21877, so users should ensure they always update to the latest available version.