¡¾Â©¶´Í¨¸æ¡¿n8n Pyodide ɳÏäÈÆ¹ý©¶´(CVE-2025-68668)

·¢²¼Ê±¼ä 2026-01-04

Ò»¡¢Â©¶´¸ÅÊö


©¶´Ãû³Æ

n8n Pyodide ɳÏäÈÆ¹ý©¶´

CVE   ID

CVE-2025-68668

©¶´ÀàÐÍ

ɳÏäÈÆ¹ý©¶´

·¢ÏÖʱ¼ä

2026-1-4

©¶´ÆÀ·Ö

9.9

©¶´µÈ¼¶

ÑÏÖØ

¹¥»÷ÏòÁ¿

ÍøÂç

ËùÐèȨÏÞ

µÍ

ÀûÓÃÄѶÈ

µÍ

Óû§½»»¥

²»ÐèÒª

PoC/EXP

Òѹ«¿ª

ÔÚÒ°ÀûÓÃ

δ·¢ÏÖ


n8nÊÇÒ»¸ö¿ªÔ´µÄ¹¤×÷Á÷×Ô¶¯»¯¹¤¾ß£¬Ö¼ÔÚ°ïÖúÓû§Í¨¹ýͼÐλ¯½çÃæÉè¼ÆºÍ×Ô¶¯»¯¸÷ÖÖÈÎÎñ¡£ËüÖ§³Ö¶àÖÖ¼¯³É·½Ê½£¬¿ÉÒÔÓëÖÚ¶àµÚÈý·½·þÎñºÍÓ¦ÓýøÐÐÁ¬½Ó£¬ÀýÈçÊý¾Ý¿â¡¢API¡¢ÔÆ·þÎñµÈ¡£n8nÌṩ·á¸»µÄ½ÚµãºÍ´¥·¢Æ÷£¬Óû§¿ÉÒÔͨ¹ýÅäÖù¤×÷Á÷À´ÊµÏÖÊý¾Ý´¦Àí¡¢ÈÎÎñµ÷¶È¡¢ÏµÍ³¼¯³ÉµÈ¹¦ÄÜ¡£Æä¿ÉÀ©Õ¹ÐÔÇ¿£¬Ö§³Ö×Ô¶¨Òå½Úµã£¬ÊÊÓÃÓÚ¿ª·¢ÕßºÍÆóÒµÓû§£¬°ïÖúÌá¸ß¹¤×÷ЧÂʺÍ×Ô¶¯»¯Ë®Æ½¡£


2026Äê1ÔÂ4ÈÕ£¬mansion88Ã÷Éý¼¯ÍÅVSRC¼à²âµ½ÔÚn8nƽ̨µÄPyodide»ùÓÚPython´úÂë½ÚµãÖУ¬´æÔÚÒ»¸öɳÏäÈÆ¹ý©¶´¡£¹¥»÷Õß¿ÉÒÔÀûÓøÃ©¶´£¬ÔÚ»ñµÃ´´½¨»òÐ޸Ť×÷Á÷ȨÏÞµÄÇé¿öÏ£¬Ö´ÐÐÈÎÒâÃüÁ½ø¶øÔÚÔËÐÐn8nµÄÖ÷»úϵͳÉÏÖ´ÐжñÒâ²Ù×÷¡£´Ë©¶´ÔÊÐí¹¥»÷ÕßÒÔÓën8n½ø³ÌÏàͬµÄȨÏÞ¼¶±ðÖ´ÐÐÃüÁ´Ó¶ø¿ÉÄܵ¼ÖÂϵͳ±»ÍêÈ«¿ØÖÆ¡£Â©¶´ÆÀ·Ö9.9·Ö£¬Â©¶´¼¶±ðÑÏÖØ¡£


¶þ¡¢Ó°Ï췶Χ


1.0.0 <= n8n < 2.0.0


Èý¡¢°²È«´ëÊ©


3.1 Éý¼¶°æ±¾


¹Ù·½ÒÑ·¢²¼ÐÞ¸´²¹¶¡£¬ÒÔÐÞ¸´¸Ã©¶´¡£
n8n >= 2.0.0


ÏÂÔØÁ´½Ó£ºhttps://github.com/n8n-io/n8n/releases/


3.2 ÁÙʱ´ëÊ©


ÔÝÎÞ¡£


3.3 ͨÓý¨Òé


? ¶¨ÆÚ¸üÐÂϵͳ²¹¶¡£¬¼õÉÙϵͳ©¶´£¬ÌáÉý·þÎñÆ÷µÄ°²È«ÐÔ¡£
¼ÓǿϵͳºÍÍøÂçµÄ·ÃÎÊ¿ØÖÆ£¬Ð޸ķÀ»ðǽ²ßÂÔ£¬¹Ø±Õ·Ç±ØÒªµÄÓ¦Óö˿ڻò·þÎñ£¬¼õÉÙ½«Î£ÏÕ·þÎñ£¨ÈçSSH¡¢RDPµÈ£©±©Â¶µ½¹«Íø£¬¼õÉÙ¹¥»÷Ãæ¡£
ʹÓÃÆóÒµ¼¶°²È«²úÆ·£¬ÌáÉýÆóÒµµÄÍøÂ簲ȫÐÔÄÜ¡£
¼ÓǿϵͳÓû§ºÍȨÏÞ¹ÜÀí£¬ÆôÓöàÒòËØÈÏÖ¤»úÖÆºÍ×îСȨÏÞÔ­Ôò£¬Óû§ºÍÈí¼þȨÏÞÓ¦±£³ÖÔÚ×îµÍÏÞ¶È¡£
ÆôÓÃÇ¿ÃÜÂë²ßÂÔ²¢ÉèÖÃΪ¶¨ÆÚÐ޸ġ£


3.4 ²Î¿¼Á´½Ó


https://github.com/n8n-io/n8n/security/advisories/GHSA-62r4-hw23-cc8v/
https://nvd.nist.gov/vuln/detail/CVE-2025-68668