The US Cybersecurity and Infrastructure Security Agency (CISA) has confirmed active exploitation of a critical remote code execution (RCE) vulnerability in the n8n workflow automation platform.

Entities

n8nCybersecurity and Infrastructure Security AgencyCanadian Centre for Cyber Security

Score total

1.28

Momentum 24h

Posts

Origins

Source types

Duplicate ratio

Why now

CISA has just added the vulnerability to its Known Exploited Vulnerabilities list.
Federal patching orders have been issued to mitigate ongoing attacks.
The advisory updates from n8n and Canadian Cyber Security emphasize urgency.

Why it matters

The vulnerability allows remote code execution, risking full system compromise.
Active exploitation means unpatched systems are at immediate risk.
Federal agencies and users must patch promptly to prevent breaches.

LLM analysis

Topic mix: lowPromo risk: lowSource quality: medium

Recurring claims

A critical remote code execution vulnerability in n8n is actively exploited in the wild.
CISA has added CVE-2025-68613 to its Known Exploited Vulnerabilities database and ordered federal agencies to patch affected systems.

How sources frame it

CISA: neutral
Canadian Centre For Cyber Security: neutral

This briefing highlights the critical n8n RCE vulnerability actively exploited in the wild and the coordinated response by CISA and Canadian Cyber Security urging immediate patching.

All evidence

CISA warns max-severity n8n bug is being exploited in the wild

The Register Security · go.theregister.com · 2026-03-12 13:34 UTC

n8n security advisory (AV25-857) – Update 1

Canadian Centre for Cyber Security - Alerts · cyber.gc.ca · 2026-03-11 20:31 UTC

CISA orders feds to patch n8n RCE flaw exploited in attacks

bleepingcomputer_all · bleepingcomputer.com · 2026-03-11 18:21 UTC

Show filters & breakdown

Posts loaded: 0Publishers: 3Origin domains: 3Duplicates: -

Platform

Publisher

Origin domain