CVE-2025-57749

Impact

A symlink traversal vulnerability was discovered in the Read/Write File node in n8n. While the node attempts to restrict access to sensitive directories and files, it does not properly account for symbolic links (symlinks). An attacker with the ability to create symlinks—such as by using the Execute Command node—could exploit this to bypass the intended directory restrictions and read from or write to otherwise inaccessible paths. Users of n8n.cloud are not impacted.

Patches

Affected users should update to version 1.106.0 or later.

Workarounds

Until the patch is applied:

Disable or restrict access to the Execute Command node and any other nodes that allow arbitrary file system access.
Avoid using the Read/Write File node on untrusted paths or inputs that could be manipulated via symlinks.

Published: Aug 20, 2025
Updated: Aug 21, 2025
CVE: CVE-2025-57749
GHSA: GHSA-ggjm-f3g4-rwmm
Severity: Medium
Exploit:

CVSS v3:

Severity: Unknown
Score:
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWEs:

Affected Software
References

Software	From	Fixed in
n8n	-	1.106.0

Vulnerability Database

CVE-2025-57749

Impact

Patches

Workarounds