n8n, an open-source workflow automation platform, has recently been sounding the alarm. There’s a particularly grave security vulnerability that could lead to remote code execution (RCE). This vulnerability impacts both self-hosted deployments and n8n Cloud instances. None other than security researcher Théo Lelasseux found the flaw that was assigned to GHSA-v364-rw7m-3263. Impact This vulnerability affects all versions of n8n from 0.123.0 up to but not including 1.121.3.
On Tuesday, the n8n team announced the advisory on their GitHub repository. They recommended all users update to the recently released version 1.121.3 which contains a fix for the vulnerability. This new update, released in early November 2025, is a critical step in keeping the platform stable and secure.
Details of the Vulnerability
The flaw that was found is high-severity and high-risk. An authenticated user can exploit it to execute untrusted code through the n8n service in certain circumstances. Under certain circumstances, this might result in catastrophic effects if bad actors take advantage of the vulnerability.
“Under certain conditions, an authenticated user may be able to cause untrusted code to be executed by the n8n service,” – n8n
n8n has an npm package available, hosted on npm. It’s imperative that developers and users alike use the secure version to keep their workflows and data safe. Since the start of this issue, the maintainers of n8n have been responsible and responsive with their users’ security as a priority.
Impact on Users
This egregious error harms millions of users. It does so on the self-hosted version of the platform as well as the cloud-hosted version, where they control the software. For everyone from individuals to businesses who depend on n8n to automate their workflows, this latest example highlights the need to act quickly to secure their environments.
Users are urged to take the time to verify their currently installed version and upgrade to uptane 1.121.3 as soon as possible. Without infrastructure like this in place, cities and states will continue to expose their communities to devastating impacts tied to this hazard.
Community Response
This is a critical flaw. Cybersecurity forums have been abuzz about this critical flaw. Indeed, Hacker News was all over this story immediately after the advisory published. The community’s vigilance and swift action are required to mitigate the dangers of these types of vulnerabilities.
n8n is still our favorite platform for automating workflows. Regular updates and security advisories are key in keeping user confidence high. Théo Lelasseux’s response really illustrates the need for community engagement to go hand-in-hand with any effort to advance software security.
