CVE-2025-65964 | n8n up to 1.119.1 core.hooksPath inclusion of functionality from untrusted control sphere (GHSA-wpqc-h9wp-chmq)

A vulnerability classified as very critical was found in n8n up to 1.119.1. Impacted is the function core.hooksPath. The manipulation results in inclusion of functionality from untrusted control sphere.

This vulnerability is identified as CVE-2025-65964. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More