Researchers have released details about a critical vulnerability that was silently patched in n8n, a platform used by many companies to build LLM-powered agents and automated workflows. The flaw can allow unauthenticated attackers to completely take over local n8n deployments, execute commands on the underlying system, and extract the sensitive corporate data that workflows typically have access to.
“The blast radius of a compromised n8n is huge,” researchers from data security firm Cyera, who found the vulnerability, noted in their report on the vulnerability. “N8n is connecting numerous systems, your organizational Google Drive, OpenAI API keys, Salesforce information, IAM systems, payment processors, customer databases, CI/CD pipelines, and more. It’s the central nervous system of your automation infrastructure.”
The n8n developers patched this issue in version 1.121.0, released on Nov. 18, but the release notes didn’t mention security fixes at the time, which seems to be standard procedure, as n8n security advisories are intentionally released with a delay. The project has patched other critical RCE vulnerabilities since then, such as CVE-2025-68613, CVE-2025-68668, and CVE-2026-21877, so users should ensure they always update to the latest available version.

