Critical

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

The Hacker News

Overview

A serious vulnerability has been found in n8n, an open-source workflow automation platform, which could allow authenticated users to run arbitrary system commands on the server. This vulnerability, identified as CVE-2025-68668, has a high severity score of 9.9 according to the CVSS system, indicating a significant risk. It stems from a failure in the protection mechanisms that should keep the system secure. Users of n8n should be particularly concerned as this issue could lead to unauthorized control over their systems. The affected versions include all versions prior to the patch that addresses this vulnerability, making it crucial for users to update their installations promptly to prevent potential exploitation.

Key Takeaways

  • Affected Systems: n8n (all versions prior to patch)
  • Action Required: Users are urged to update to the latest version of n8n to mitigate this vulnerability.
  • Timeline: Newly disclosed

Original Article Summary

A new critical security vulnerability has been disclosed in n8n, an open-source workflow automation platform, that could enable an authenticated attacker to execute arbitrary system commands on the underlying host. The vulnerability, tracked as CVE-2025-68668, is rated 9.9 on the CVSS scoring system. It has been described as a case of a protection mechanism failure. It affects n8n versions from

Impact

n8n (all versions prior to patch)

Exploitation Status

No active exploitation has been reported at this time. However, organizations should still apply patches promptly as proof-of-concept code may exist.

Timeline

Newly disclosed

Remediation

Users are urged to update to the latest version of n8n to mitigate this vulnerability. Specific patch details were not provided in the article, but users should ensure they are running the most recent version to safeguard against this issue.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to CVE, Vulnerability, Patch, and 2 more.

Related Coverage

CISA orders feds to patch actively exploited Oracle flaw by Saturday

BleepingComputer

The Cybersecurity and Infrastructure Security Agency (CISA) has mandated that federal agencies address a serious vulnerability in the Oracle E-Business Suite by Saturday. This flaw is being actively exploited in the wild, posing risks to financial operations managed through the software. Agencies are urged to take immediate action to protect their systems from potential attacks that could compromise sensitive financial data. The urgency of this directive reflects the critical nature of the vulnerability and the potential impact on government operations if left unaddressed.

Jul 16, 2026

Russian hackers trojanize WebEx, Zoom apps to push Starland malware

BleepingComputer

A group of Russian hackers, known as UAT-11795, is targeting users of popular video conferencing applications like WebEx and Zoom by distributing a trojanized version of their software. This malicious software, identified as Starland RAT, is designed to steal user credentials and cryptocurrency. The attackers are using sophisticated methods to infiltrate these widely used platforms, raising concerns for businesses and individuals who rely on them for communication. The spread of this malware could lead to significant financial losses for victims, as it compromises sensitive information. Users of these applications should be vigilant and ensure they are downloading software from official sources to protect against this threat.

Jul 16, 2026

AI Can Find Bugs, But Human Knowledge Still Proves Them

The Hacker News

Artificial intelligence is becoming a game changer in offensive security, helping teams to detect vulnerabilities faster and more efficiently. AI tools can analyze code, generate potential attack vectors, and automate testing processes, which can significantly enhance the capabilities of security professionals. However, these tools still rely on human expertise to validate findings; an AI can suggest a vulnerability, but it takes a skilled human to confirm it and assess its impact. This reliance on human knowledge means that while AI can speed up the detection process, it cannot fully replace the nuanced understanding that experienced security analysts bring to the table. As AI continues to evolve, its integration into security practices will likely grow, but the necessity for human verification remains critical.

Jul 16, 2026

New Spirals ransomware encrypts victim network in under 24 hours

BleepingComputer

A new ransomware group called Spirals has demonstrated a rapid and aggressive approach to cyberattacks by completing a corporate intrusion in less than 24 hours. This includes gaining initial access, stealing data, and encrypting systems. Organizations that fall victim to Spirals could face significant data loss and operational disruption, making it crucial for companies to enhance their cybersecurity measures. The speed of these attacks raises concerns about the effectiveness of current security protocols, as attackers can bypass defenses much quicker than many organizations can respond. Companies need to stay vigilant and ensure they have robust incident response plans in place to mitigate the risks posed by such fast-moving threats.

Jul 16, 2026

SANS Warns of AI Governance Gap as Use by Security Teams Surges

Infosecurity Magazine

The SANS Institute has raised concerns about the lack of governance frameworks surrounding the increasing use of artificial intelligence (AI) by security teams. Despite the rapid adoption of AI tools, many organizations do not have established programs to oversee their use, which could lead to failures or vulnerabilities in security practices. As AI continues to evolve, the risks associated with its misuse or mismanagement are likely to grow, potentially exposing sensitive data or systems to threats. This situation calls for companies to prioritize the development of governance strategies to ensure that AI technologies are applied safely and effectively in cybersecurity efforts.

Jul 16, 2026

Unpatched Shark Vacuum Flaw Could Let Attackers Control Other Vacuums Region-Wide

The Hacker News

A newly discovered vulnerability in the Shark RV2320EDUS robot vacuum allows attackers to control other Shark vacuums within the same AWS region. By extracting a certificate from the vacuum's flash storage, researchers can execute root commands on other devices, giving them access to features like the vacuum's camera, navigation controls, and even the Wi-Fi password in plaintext. This security flaw was reported by a researcher known as tokay0, who tested the method on a limited number of devices. The implications are significant, as it raises concerns about the security of smart home devices and the potential for unauthorized surveillance and control. Users of affected Shark vacuums should be aware of this vulnerability and take steps to secure their devices until a fix is provided.

Jul 16, 2026