CVE-2025-57749

MEDIUM

N8n < 1.106.0 - Symlink Following

Title source: rule

Description

n8n is a workflow automation platform. Before 1.106.0, a symlink traversal vulnerability was discovered in the Read/Write File node in n8n. While the node attempts to restrict access to sensitive directories and files, it does not properly account for symbolic links (symlinks). An attacker with the ability to create symlinks—such as by using the Execute Command node—could exploit this to bypass the intended directory restrictions and read from or write to otherwise inaccessible paths. Users of n8n.cloud are not impacted. Affected users should update to version 1.106.0 or later.

References (2)

[Vendor Advisory] https://github.com/n8n-io/n8n/security/advisories/GHSA-ggjm-f3g4-rwmm

[Patch] https://github.com/n8n-io/n8n/pull/17735

Scores

CVSS v3 6.5

EPSS 0.0010

EPSS Percentile 26.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-59

Status published

Products (2)

n8n/n8n < 1.106.0

npm/n8n 0 - 1.106.0npm

Published Aug 20, 2025

Tracked Since Feb 18, 2026