CVE-2025-65964
HIGHDescription
n8n is an open source workflow automation platform. Versions 0.123.1 through 1.119.1 do not have adequate protections to prevent RCE through the project's pre-commit hooks. The Add Config operation allows workflows to set arbitrary Git configuration values, including core.hooksPath, which can point to a malicious Git hook that executes arbitrary commands on the n8n host during subsequent Git operations. Exploitation requires the ability to create or modify an n8n workflow using the Git node. This issue is fixed in version 1.119.2. Workarounds include excluding the Git Node (Docs) and avoiding cloning or interacting with untrusted repositories using the Git Node.
Is your site exposed to CVE-2025-65964?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| n8n | n8n |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-65964? +
How severe is CVE-2025-65964? +
What products are affected by CVE-2025-65964? +
How do I check if I'm vulnerable to CVE-2025-65964? +
Related Vulnerabilities
Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution …
A PHP objection injection vulnerability exists in the Monero Project’s Laravel-based forum software due to unsafe handling of untrusted input …
pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules …
An authenticated remote code execution vulnerability exists in Lucee’s administrative interface due to insecure design in the scheduled task functionality. …
A critical security vulnerability exists in remote cache extensions for common build systems utilizing bucket-based remote cache (such as those …
Rapid7 Metasploit Pro is vulnerable to a local privilege escalation attack that allows a user to gain SYSTEM level control …