> TritonInfoSec News
Home / Mar 12, 2026 / Story
0
#1 The Hacker News general March 12, 2026 at 05:18 UTC

CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed

By [email protected] (The Hacker News)

AI Summary

CISA added CVE-2025-68613, a critical n8n vulnerability with a 9.9 CVSS score, to its Known Exploited Vulnerabilities catalog based on evidence of active exploitation. The expression injection flaw leads to remote code execution, with approximately 24,700 exposed instances still vulnerable despite patches being available.

Read full article → https://thehackernews.com/2026/03/cisa-flags-activ…

Relevance score: 95.0/100

# More from March 12

  1. 2
    Medical device giant Stryker confirms cyberattack as employees say devices were wiped The Record
  2. 3
    14,000 routers are infected by malware that's highly resistant to takedowns Ars Technica Security
  3. 4
    Xygeni GitHub Action Compromised Via Tag Poison Dark Reading
  4. 5
    New PhantomRaven NPM attack wave steals dev data via 88 packages BleepingComputer
  5. 6
    SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites BleepingComputer
  6. 7
    Medtech giant Stryker offline after Iran-linked wiper malware attack BleepingComputer
  7. 8
    Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days The Hacker News
  8. 9
    Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials The Hacker News
  9. 10
    UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours The Hacker News