Tag Archives: n8n

About the Remote Code Execution Vulnerability – n8n (CVE-2025-68613)

Leave a reply

About the Remote Code Execution Vulnerability - n8n (CVE-2025-68613)

About Remote Code Execution Vulnerability – n8n (CVE-2025-68613). n8n is a workflow automation platform available under a fair-code license. Improper Control of Dynamically-Managed Code Resources (CWE-913) in the n8n workflow expression evaluation system allows a remote authenticated attacker without administrative privileges to execute arbitrary code.

⚙️ The vulnerability was fixed in late December 2025.

⚒️ Exploits on GitHub have been available since December 22, including those for combined exploitation with CVE-2026-21858 (Ni8mare).

👾 On December 26, a detailed write-up by Resecurity was published, reporting signs of exploitation in the wild. On February 27, Akamai reported exploitation of the vulnerability by Zerobot malware. On March 11, the vulnerability was added to the CISA KEV.

🌐 In January, CyberOK SKIPA recorded just under 9,000 active n8n instances in the Runet, ~70% of which were vulnerable.

I watched the recording of the Positive Technologies webinar “How to use MaxPatrol VM API: theory and practice”

Leave a reply

I watched the recording of the Positive Technologies webinar How to use MaxPatrol VM API: theory and practiceI watched the recording of the Positive Technologies webinar How to use MaxPatrol VM API: theory and practiceI watched the recording of the Positive Technologies webinar How to use MaxPatrol VM API: theory and practiceI watched the recording of the Positive Technologies webinar How to use MaxPatrol VM API: theory and practiceI watched the recording of the Positive Technologies webinar How to use MaxPatrol VM API: theory and practiceI watched the recording of the Positive Technologies webinar How to use MaxPatrol VM API: theory and practiceI watched the recording of the Positive Technologies webinar How to use MaxPatrol VM API: theory and practiceI watched the recording of the Positive Technologies webinar How to use MaxPatrol VM API: theory and practiceI watched the recording of the Positive Technologies webinar How to use MaxPatrol VM API: theory and practiceI watched the recording of the Positive Technologies webinar How to use MaxPatrol VM API: theory and practice

I watched the recording of the Positive Technologies webinar “How to use MaxPatrol VM API: theory and practice“. On the theoretical part, everything is clear: there is a documented API; it is the same for integrations and Web GUI. 🙂

On the practical side they showed:

🔻 How to use the MaxPatrol API in the Nightingale REST client (examples on GitHub).
🔻 Unofficial PTVM SDK. A small Python script with one class for working with the MaxPatrol API.
🔻 Positive CLI for MaxPatrol API. So, automation can be done simply with shell scripts! 😇 A much more functional project than the SDK, also in Python. The screenshots show the vulnerabilities with criticality calculated using FSTEC methodology and trending vulnerabilities with an exploit.
🔻 How to use the MaxPatrol API in the low-code tool n8n (e.g. sending query results to Telegram).

Links to projects are on the addons page.

Show it to your colleagues who work with MaxPatrol VM. 😉

На русском