Describe the problem/error/question
Hi,
I do have a self-hosted instance that’s affected by CVE-2025-68613 . Some may have seen the issue here that was posted today https://thehackernews.com/2025/12/critical-n8n-flaw-cvss-99-enables.html
(I do whitelist ips that can access the instance, so I’m not at a high risk.)
Looks like the affected versions are:
The issue, which affects all versions including and higher than 0.211.0 and below 1.120.4, has been patched in 1.120.4, 1.121.1, and 1.122.0
Do you recommend going up to a minor version first before going to 2., or just go straight to 2.? I’m aware of the breaking changes and this guide in n8n v2.0 breaking changes | n8n Docs
My plan is to get to a minor version with the fix right now.