CVE-2025-68613 is a CVSS 9.5 unauthenticated RCE in n8n workflow automation platform (versions prior to v1.122.0), combining expression injection and dynamic code resource miscontrol, with an EPSS score at the 98.9th percentile and over 40,000 internet-exposed unpatched instances confirmed. CISA added this to KEV on March 11, 2026 with a federal remediation deadline of March 25, 2026; exploitation enables full instance takeover and theft of API keys, OAuth tokens, and CI/CD secrets stored within n8n. Upgrade to v1.122.0 or later immediately; organizations unable to patch within 24 hours should take internet-exposed instances offline and treat all stored credentials as potentially compromised pending log review.