n8n-workflow 1.120.3 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the n8n-workflow package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Directory Traversal n8n-workflow is a Workflow base code of n8n Affected versions of this package are vulnerable to Directory Traversal via the SSH node when workflows process uploaded files and transfer them to remote servers without validating their metadata. An attacker can write files to unintended locations on remote systems and potentially achieve remote code execution by uploading specially crafted files to unauthenticated endpoints. Note: This is only exploitable if the attacker has knowledge of such workflows and the endpoints for file uploads are unauthenticated. How to fix Directory Traversal? Upgrade `n8n-workflow` to version 1.120.5, 2.3.2 or higher.	<1.120.5>=2.0.0 <2.3.2
C Improper Control of Dynamically-Managed Code Resources n8n-workflow is a Workflow base code of n8n Affected versions of this package are vulnerable to Improper Control of Dynamically-Managed Code Resources via the workflow expression evaluation system. An attacker can execute arbitrary code with the privileges of the underlying process by supplying crafted expressions during workflow configuration. This may result in full compromise of the instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations. Note: This is caused by a bypass of the fix for CVE-2025-68613. How to fix Improper Control of Dynamically-Managed Code Resources? Upgrade `n8n-workflow` to version 1.120.4, 2.3.1 or higher.	<1.120.4>=2.0.0-rc.0 <2.3.1
M Eval Injection n8n-workflow is a Workflow base code of n8n Affected versions of this package are vulnerable to Eval Injection during the Expression evaluation workflow. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An attacker can execute arbitrary code with the privileges of the main process by supplying crafted expressions during workflow configuration. How to fix Eval Injection? Upgrade `n8n-workflow` to version 1.120.7, 2.4.3, 2.5.1 or higher.	<1.120.7>=2.0.0-rc.0 <2.4.3>=2.5.0 <2.5.1
C Remote Code Execution (RCE) n8n-workflow is a Workflow base code of n8n Affected versions of this package are vulnerable to Remote Code Execution (RCE) due to insufficient isolation in the Python Code Node that uses Pyodide. An authenticated attacker with permissions to create or modify workflows can execute arbitrary commands on the host system by creating or modifying workflows with malicious code. How to fix Remote Code Execution (RCE)? Upgrade `n8n-workflow` to version 2.0.0-rc.1 or higher.	>=1.0.0 <2.0.0-rc.1

Vulnerability

Vulnerable Version

Directory Traversal

n8n-workflow is a Workflow base code of n8n

Affected versions of this package are vulnerable to Directory Traversal via the SSH node when workflows process uploaded files and transfer them to remote servers without validating their metadata. An attacker can write files to unintended locations on remote systems and potentially achieve remote code execution by uploading specially crafted files to unauthenticated endpoints.

Note:

This is only exploitable if the attacker has knowledge of such workflows and the endpoints for file uploads are unauthenticated.

How to fix Directory Traversal?

Upgrade n8n-workflow to version 1.120.5, 2.3.2 or higher.

<1.120.5>=2.0.0 <2.3.2

Improper Control of Dynamically-Managed Code Resources

n8n-workflow is a Workflow base code of n8n

Affected versions of this package are vulnerable to Improper Control of Dynamically-Managed Code Resources via the workflow expression evaluation system. An attacker can execute arbitrary code with the privileges of the underlying process by supplying crafted expressions during workflow configuration. This may result in full compromise of the instance, including unauthorized access to sensitive data, modification of workflows, and execution of system-level operations.

Note:

This is caused by a bypass of the fix for CVE-2025-68613.

How to fix Improper Control of Dynamically-Managed Code Resources?

Upgrade n8n-workflow to version 1.120.4, 2.3.1 or higher.

<1.120.4>=2.0.0-rc.0 <2.3.1

Eval Injection

n8n-workflow is a Workflow base code of n8n

Affected versions of this package are vulnerable to Eval Injection during the Expression evaluation workflow. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An attacker can execute arbitrary code with the privileges of the main process by supplying crafted expressions during workflow configuration.

How to fix Eval Injection?

Upgrade n8n-workflow to version 1.120.7, 2.4.3, 2.5.1 or higher.

<1.120.7>=2.0.0-rc.0 <2.4.3>=2.5.0 <2.5.1

Remote Code Execution (RCE)

n8n-workflow is a Workflow base code of n8n

Affected versions of this package are vulnerable to Remote Code Execution (RCE) due to insufficient isolation in the Python Code Node that uses Pyodide. An authenticated attacker with permissions to create or modify workflows can execute arbitrary commands on the host system by creating or modifying workflows with malicious code.

How to fix Remote Code Execution (RCE)?

Upgrade n8n-workflow to version 2.0.0-rc.1 or higher.

>=1.0.0 <2.0.0-rc.1

n8n-workflow@1.120.3 vulnerabilities

Workflow base code of n8n

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities

Fix vulnerabilities automatically