The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced this month that it added a new exploit to its “Known Exploited Vulnerabilities” (KEV) catalog. The CV-2025-6813 n8n Improper Control of Dynamically-Managed Code Resources Vulnerability is a frequent attack vector that malicious cyber actors can exploit, posing significant risks to the federal enterprise, CISA warned.

“Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information,” CISA explained.

What Is n8n and Why It Matters

n8n (pronounced n-eight-n) is an open-source, node-based workflow automation tool that connects apps, APIs, and databases to automate tasks. The vulnerability can affect n8n’s expression evaluation system. This could allow attackers to read/modify data, steal environment variables (credentials/secrets), and perform lateral movement within the network.

Although BOD 22-01 applies only to FCEB agencies, CISA still “strongly” urged all organizations to reduce their exposure to cyberattacks by prioritizing the timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practices.

Federal Agencies Race to Patch Actively Exploited n8n Vulnerability

Security researchers warned that the multiple vulnerabilities in n8n could allow attackers to execute commands on vulnerable systems, escape sandbox protections, and potentially even take full control of affected servers. This is certainly a concern for the government sector.

“Federal agencies are racing to patch n8n workflow automation servers following a CISA directive targeting an actively exploited expression injection vulnerability,” said John Carberry, solution sleuth at cybersecurity provider Xcape, Inc.

Carberry told ClearanceJobs via email that despite previous security updates, researchers discovered multiple bypasses (CVE-2026-25049 and CVE-2026-27577) that allow attackers to escape the platform’s sandbox and execute arbitrary code on the host system.

“This cycle of incomplete patching is particularly dangerous for automation tools that serve as a central repository for sensitive API keys and OAuth tokens across the Enterprise,” Carberry added.

How the n8n Vulnerability Could Expose API Keys, OAuth Tokens, and Enterprise Credentials

Although n8n is not a dedicated credential vault, it does have built-in, secure credential management capabilities. It also acts as an encrypted credential manager: n8n stores API keys, OAuth tokens, and passwords for dozens of third-party services. A single compromised instance gives attackers access to an entire digital ecosystem.

That has made it a high-value target for hackers.

Denis Calderone, CTO at Suzu Labs, told ClearanceJobs that, as it stores API keys, OAuth tokens, database passwords, and cloud storage credentials for every service it connects to, the compromise of one n8n instance is akin to handing over the keys to the kingdom to a hacker.

“You don’t just own the automation platform, you get the keys to every system it touches,” Calderone explained. “n8n is under sustained assault from multiple angles right now, and CISA just confirmed this latest one is being actively exploited. We’ve seen four critical RCE vulnerabilities in just the last three months, and an active supply chain attack to boot.”

Recent vulnerabilities across VMware, Cisco, and n8n have once again brought fresh light to the inherited trust problem.

“The underlying issue here is that your management and orchestration tools carry the deepest trust in your environment, and attackers know it,” added Calderone. “What makes this one particularly concerning is the attack surface. The patch has been available since December. That’s three months of exposure while these things are being actively exploited, and exploitation apparently spiked over the Christmas holiday when teams were thin.”

Experts suggested that any entity running n8n should patch immediately, audit what credentials are stored in it, and restrict who can create or edit workflows.

“Even if the initial access comes from a regular user account, these vulnerabilities can expose much more powerful credentials stored within the platform,” warned Vishal Agarwal, CTO at cybersecurity provider Averlon. “Organizations should not only patch quickly but also map the pathways those credentials create across their environment.”

Why Sandbox Escapes in Automation Platforms Like n8n Create Major Security Risks

For security professionals, the issues with n8n highlight the fragility of relying on software-defined sandboxes when the underlying application logic remains inherently permissive, Carberry suggested.

Security experts have warned that software-defined sandboxes often fail to expose vulnerabilities due to advanced evasion techniques, environmental mismatches, and design limitations. This may be the case with this latest n8n vulnerability.

“Defenders must prioritize immediate updates to version 1.76.3 or later and audit all connected service credentials for signs of lateral movement. We need to stop treating sandbox escapes as isolated bugs and recognize them as fundamental design failures that require more than a quick syntax fix,” Carberry continued. “Patching a sandbox escape with a regex filter is like trying to fix a leaky dam with a Post-it note.”

Key Points in Summary

CISA has added a critical vulnerability in the open-source workflow automation platform n8n to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw is actively being exploited. The vulnerability can allow attackers to execute commands, escape sandbox protections, and access sensitive credentials such as API keys, OAuth tokens, and database passwords stored within the platform. Because n8n often connects multiple enterprise systems, a single compromised instance could enable attackers to move laterally across networks and gain broader access to cloud services and internal infrastructure. CISA is urging federal agencies and private organizations to patch affected systems immediately and audit stored credentials to reduce the risk of enterprise compromise.

Peter Suciu is a freelance writer who covers business technology and cyber security. He currently lives in Michigan and can be reached at petersuciu@gmail.com. You can follow him on Twitter: @PeterSuciu.