CVE-2025-65964 · HIGH 8.8 · EPSS p44.3%

Description

n8n is an open source workflow automation platform. Versions 0.123.1 through 1.119.1 do not have adequate protections to prevent RCE through the project's pre-commit hooks. The Add Config operation allows workflows to set arbitrary Git configuration values, including core.hooksPath, which can point to a malicious Git hook that executes arbitrary commands on the n8n host during subsequent Git operations. Exploitation requires the ability to create or modify an n8n workflow using the Git node. This issue is fixed in version 1.119.2. Workarounds include excluding the Git Node (Docs) and avoiding cloning or interacting with untrusted repositories using the Git Node.
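For defenders who need to review existing workflows before or after upgrading, the following added example (not code from n8n or from this advisory) audits an exported workflow for Git nodes whose Add Config operation sets core.hooksPath. The node type `n8n-nodes-base.git`, the `addConfig` operation value, and the `key`/`value` parameter names are assumptions about the export format, and the sample workflow is constructed.

```python
import json

GIT_NODE_TYPE = "n8n-nodes-base.git"   # assumed type name of the Git node in exports
RISKY_KEY = "core.hookspath"           # Git config section/variable names are case-insensitive

# Constructed sample export; field names (type, parameters.operation/key/value) are assumptions.
SAMPLE_WORKFLOW = json.dumps({
    "name": "constructed-sample",
    "nodes": [
        {"name": "Set identity", "type": GIT_NODE_TYPE,
         "parameters": {"operation": "addConfig", "key": "user.name", "value": "ci-bot"}},
        {"name": "Set hooks dir", "type": GIT_NODE_TYPE,
         "parameters": {"operation": "addConfig", "key": "Core.HooksPath", "value": "/tmp/hooks"}},
        {"name": "Dynamic key", "type": GIT_NODE_TYPE,
         "parameters": {"operation": "addConfig", "key": "={{ $json.cfgKey }}", "value": "x"}},
        {"name": "Commit", "type": GIT_NODE_TYPE,
         "parameters": {"operation": "commit", "message": "update"}},
        {"name": "Fetch data", "type": "n8n-nodes-base.httpRequest", "parameters": {}},
    ],
})


def audit_workflow(workflow_json: str) -> list[tuple[str, str, str]]:
    """Return (node name, severity, reason) for each Git 'Add Config' node worth review."""
    findings = []
    for node in json.loads(workflow_json).get("nodes", []):
        params = node.get("parameters") or {}
        if node.get("type") != GIT_NODE_TYPE or params.get("operation") != "addConfig":
            continue
        key = str(params.get("key", "")).strip()
        name = node.get("name", "<unnamed>")
        if key.startswith("="):
            # n8n expression: the key is only known at run time, so it needs manual review.
            findings.append((name, "review", "config key is a run-time expression"))
        elif key.lower() == RISKY_KEY:
            findings.append((name, "high", f"sets core.hooksPath to {params.get('value')!r}"))
    return findings


if __name__ == "__main__":
    for name, severity, reason in audit_workflow(SAMPLE_WORKFLOW):
        print(f"[{severity}] {name}: {reason}")
```

A finding here is a prompt for review, not proof of compromise; upgrading to 1.119.2 or excluding the Git node remains the fix.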

Scoring

CVSS 3.1: 8.8 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.60% probability of exploitation · percentile 44.3% · 2026-06-19T12:03:05Z
Published: 2025-12-09
Last modified: 2026-01-02

Underlying weaknesses · 1

CWE-829

References

  1. https://github.com/n8n-io/n8n/commit/d5a1171f95f75def5c3ac577707ab913e22aef04
  2. https://github.com/n8n-io/n8n/releases/tag/n8n%401.119.2
  3. https://github.com/n8n-io/n8n/security/advisories/GHSA-wpqc-h9wp-chmq
  4. https://n8n-docs.teamlab.info/hosting/securing/blocking-nodes/#exclude-nodes

Type: Weakness · Target: Inclusion of Functionality from Untrusted Control Sphere (cwe-829) · Confidence: 0% · Tier: live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE-2025-62726
CVE-2026-27498
CVE-2026-25053
CVE-2026-21877
CVE-2025-68668
CVE-2026-25055

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.