CVE-2025-65964

Опубликовано: 09 дек. 2025

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

n8n is an open source workflow automation platform. Versions 0.123.1 through 1.119.1 do not have adequate protections to prevent RCE through the project's pre-commit hooks. The Add Config operation allows workflows to set arbitrary Git configuration values, including core.hooksPath, which can point to a malicious Git hook that executes arbitrary commands on the n8n host during subsequent Git operations. Exploitation requires the ability to create or modify an n8n workflow using the Git node. This issue is fixed in version 1.119.2. Workarounds include excluding the Git Node (Docs) and avoiding cloning or interacting with untrusted repositories using the Git Node.

Ссылки

https://github.com/n8n-io/n8n/commit/d5a1171f95f75def5c3ac577707ab913e22aef04
Patch
https://github.com/n8n-io/n8n/releases/tag/n8n%401.119.2
Release Notes
https://github.com/n8n-io/n8n/security/advisories/GHSA-wpqc-h9wp-chmq
Exploit
Vendor Advisory
https://n8n-docs.teamlab.info/hosting/securing/blocking-nodes/#exclude-nodes
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:*

Версия от 0.123.1 (включая) до 1.119.2 (исключая)

EPSS

Процентиль: 5%

0.00022

Низкий

8.8 High

CVSS3

Дефекты

CWE-829

Связанные уязвимости

GHSA-wpqc-h9wp-chmq

github

2 месяца назад

n8n vulnerable to Remote Code Execution via Git Node Custom Pre-Commit Hook