๐ฅ This vulnerability is being actively exploited in the wild (CISA Known Exploited Vulnerabilities catalog)
CVE-2025-68613: n8n Improper Control of Dynamically-Managed Code Resources Vulnerability
Summary
n8n, a workflow automation tool, has a vulnerability in how it handles dynamically managed code resources (code that is created or modified while the program runs), which allows attackers to execute arbitrary code remotely on affected systems. This vulnerability is currently being actively exploited by attackers in the wild.
Solution / Mitigation
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services (a government directive for managing cloud security), or discontinue use of the product if mitigations are unavailable.
Vulnerability Details
EPSS: 79.0%
Yes
๐ฅ Actively Exploited
March 10, 2026
Classification
Taxonomy References
Affected Vendors
Related Issues
CVE-2024-27444: langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-
CVE-2025-45150: Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-68613
First tracked: March 11, 2026 at 04:00 PM
Classified by LLM (prompt v3) ยท confidence: 75%