CVE-2025-65964

Description

### Impact The n8n Git node allows workflows to set arbitrary Git configuration values through the _Add Config_ operation. When an attacker-controlled workflow sets `core.hooksPath` to a directory within the cloned repository containing a Git hook such as `pre-commit`, Git executes that hook during subsequent Git operations. Because Git hooks run as local system commands, this behavior can lead to **arbitrary command execution** on the underlying n8n host. Successful exploitation requires the ability to create or modify an n8n workflow that uses the Git node. Affected versions: **≥ 0.123.1 and < 1.119.2** ### Patches This issue has been patched in **n8n version 1.119.2**. All users running affected versions should upgrade to **1.119.2 or later**. ### Workarounds If upgrading is not immediately possible, the following mitigations can reduce exposure: - Exclude the Git node ([Docs](https://n8n-docs.teamlab.info/hosting/securing/blocking-nodes/#exclude-nodes)). - Avoid cloning or interacting with untrusted repositories using the Git Node.

How to fix CVE-2025-65964

To remediate CVE-2025-65964, upgrade the affected package to a fixed version below.

• —upgrade to 1.119.2 or later

Is CVE-2025-65964 being exploited?

Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• >= 0.123.1, < 1.119.2

CVSS scores

References (6)

• ADVISORYnvd.nist.gov/vuln/detail/CVE-2025-65964
• PATCHgithub.com/n8n-io/n8n
• WEBgithub.com/n8n-io/n8n/commit/d5a1171f95f75def5c3ac577707ab913e22aef04
• WEBgithub.com/n8n-io/n8n/releases/tag/n8n%401.119.2
• WEB