No rest for project maintainers battered by slew of vulnerability disclosures The US Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that hackers are exploiting a max-severity ...

Two critical n8n flaws (CVSS 9.4, 9.5) enable RCE via expression sandbox escape and public forms, risking credential exposure.

CVE-2025-68668 in n8n’s Python Code Node enables arbitrary system command execution Attackers with workflow permissions can bypass Pyodide sandbox, risking malware, data theft, and system compromise ...

Nearly 60,000 n8n instances exposed online remain unpatched against a maximum-severity vulnerability dubbed "Ni8mare." n8n is an open-source workflow automation platform that allows users to connect ...