CISA Adds One Known Exploited Vulnerability to Catalog
Summary
CISA has added CVE-2025-68613 to its Known Exploited Vulnerabilities (KEV) Catalog due to evidence of active exploitation. This vulnerability in n8n concerns improper control of dynamically-managed code resources and is considered a significant risk to federal agencies.
IFF Assessment
The addition of a new, actively exploited vulnerability to a government catalog signifies an increased threat to organizations that do not patch it promptly.
Severity
Defender Context
This alert from CISA highlights the critical importance of maintaining an up-to-date vulnerability management program. Defenders should prioritize patching or mitigating CVE-2025-68613, as it is actively being exploited and poses a known risk. Organizations should also monitor CISA's KEV Catalog regularly for new additions that may impact their environments.