Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-kpes-f88x-vuhd
Vulnerability ID VCID-kpes-f88x-vuhd
Aliases CVE-2025-68697
GHSA-j4p8-h8mh-rh8q
Summary Self-hosted n8n has Legacy Code node that enables arbitrary file read/write In self-hosted n8n instances where the Code node runs in legacy (non-task-runner) JavaScript execution mode, authenticated users with workflow editing access can invoke internal helper functions from within the Code node. This allows a workflow editor to perform actions on the n8n host with the same privileges as the n8n process, including: - Reading files from the host filesystem (subject to any file-access restrictions configured on the instance and OS/container permissions) - Writing files to the host filesystem (subject to the same restrictions) Starting with n8n version 1.2.1, access to files in the n8n home directory (`.n8n`) is blocked by default. However, this does not restrict access to other parts of the filesystem unless additional file access limitations are configured.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (4)
CWE-269 Improper Privilege Management
CWE-749 Exposed Dangerous Method or Function
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
cvssv3.1 7.1 https://github.com/n8n-io/n8n
generic_textual HIGH https://github.com/n8n-io/n8n
cvssv3.1 7.1 https://github.com/n8n-io/n8n/security/advisories/GHSA-j4p8-h8mh-rh8q
generic_textual HIGH https://github.com/n8n-io/n8n/security/advisories/GHSA-j4p8-h8mh-rh8q
cvssv3.1 7.1 https://nvd.nist.gov/vuln/detail/CVE-2025-68697
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2025-68697
Reference id Reference type URL
https://github.com/n8n-io/n8n
CVE-2025-68697 https://nvd.nist.gov/vuln/detail/CVE-2025-68697
GHSA-j4p8-h8mh-rh8q https://github.com/advisories/GHSA-j4p8-h8mh-rh8q
GHSA-j4p8-h8mh-rh8q https://github.com/n8n-io/n8n/security/advisories/GHSA-j4p8-h8mh-rh8q
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N Found at https://github.com/n8n-io/n8n
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N Found at https://github.com/n8n-io/n8n/security/advisories/GHSA-j4p8-h8mh-rh8q
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2025-68697
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

No EPSS data available for this vulnerability.

Date Actor Action Source VulnerableCode Version
2026-06-02T04:49:17.321160+00:00 GitLab Importer Import https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/n8n/CVE-2025-68697.yml 38.6.0