
CVE-2025-57749: n8n symlink traversal vulnerability in "Read/Write File" node allows access to restricted files

August 20, 2025 (updated August 21, 2025)

A symlink traversal vulnerability was discovered in the Read/Write File node in n8n. While the node attempts to restrict access to sensitive directories and files, it does not properly account for symbolic links (symlinks). An attacker with the ability to create symlinks—such as by using the Execute Command node—could exploit this to bypass the intended directory restrictions and read from or write to otherwise inaccessible paths. Users of n8n.cloud are not impacted.
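The gap described above, as an added example that is not n8n's code: a string-only check on a restricted directory beside one that compares canonical paths. The blocklist model, the function names and the temporary directory layout are assumptions constructed for the demonstration.

```javascript
// Added example, not n8n's code: all names and the temp layout are constructed.
const fs = require('node:fs');
const os = require('node:os');
const path = require('node:path');

// True when `child` is `parent` itself or lies beneath it.
function isInside(parent, child) {
  const rel = path.relative(parent, child);
  return rel === '' || (rel !== '..' && !rel.startsWith('..' + path.sep) && !path.isAbsolute(rel));
}

// Weak check: normalises the string only, never asks the file system.
function blockedLexical(restrictedDir, requested) {
  return isInside(path.resolve(restrictedDir), path.resolve(requested));
}

// Resolve every symlink. For a path that does not exist yet (a write target),
// resolve the parent; for a dangling symlink, follow where it points.
function canonical(p) {
  try {
    return fs.realpathSync(p);
  } catch (err) {
    if (err.code !== 'ENOENT') throw err;
    const st = fs.lstatSync(p, { throwIfNoEntry: false });
    if (st && st.isSymbolicLink()) {
      return canonical(path.resolve(path.dirname(p), fs.readlinkSync(p)));
    }
    return path.join(canonical(path.dirname(p)), path.basename(p));
  }
}

// Hardened check: compare canonical paths on both sides.
function blockedResolved(restrictedDir, requested) {
  return isInside(canonical(restrictedDir), canonical(requested));
}

// Builds a constructed layout and returns [lexical, resolved] verdicts per path.
function demo() {
  const root = fs.mkdtempSync(path.join(os.tmpdir(), 'link-demo-'));
  const restricted = path.join(root, 'restricted');
  const work = path.join(root, 'work');
  fs.mkdirSync(restricted);
  fs.mkdirSync(work);
  fs.writeFileSync(path.join(restricted, 'config'), 'constructed secret');
  fs.symlinkSync(path.join(restricted, 'config'), path.join(work, 'notes.txt'));
  fs.symlinkSync(restricted, path.join(work, 'out'));
  const probe = (f) => [blockedLexical(restricted, path.join(work, f)), blockedResolved(restricted, path.join(work, f))];
  const result = { fileLink: probe('notes.txt'), newViaDirLink: probe('out/new.txt'), plain: probe('plain.txt') };
  fs.rmSync(root, { recursive: true, force: true });
  return result;
}
```

Resolving and then opening are still two separate steps, so a link swapped in between the check and the open is not covered by this check alone.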

References

  • github.com/advisories/GHSA-ggjm-f3g4-rwmm
  • github.com/n8n-io/n8n
  • github.com/n8n-io/n8n/commit/c2c3e08cdf33570d9051e659812cbfbdd3c077fd
  • github.com/n8n-io/n8n/pull/17735
  • github.com/n8n-io/n8n/security/advisories/GHSA-ggjm-f3g4-rwmm
  • nvd.nist.gov/vuln/detail/CVE-2025-57749

Affected versions

All versions before 1.106.0

Fixed versions

  • 1.106.0

Solution

Upgrade to version 1.106.0 or above.

Impact 6.5 MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Weakness

  • CWE-59: Improper Link Resolution Before File Access ('Link Following')
  • CWE-61: UNIX Symbolic Link (Symlink) Following

Source file

npm/n8n/CVE-2025-57749.yml

Page generated Sat, 23 Aug 2025 00:18:59 +0000.