🚨 CRITICAL ALERT: Active Zero-Day Exploits

Immediate attention is required for two newly identified critical vulnerabilities that pose significant threats to affected systems. Systems running the impacted versions of Apple operating systems and the n8n workflow platform are at heightened risk. Exploitation of these vulnerabilities could lead to severe consequences, including arbitrary code execution and full system compromise. Apple has acknowledged reports of exploitation in the wild for one of these vulnerabilities.

Critical Vulnerabilities (CVSS >= 8.0)

  • CVE-2024-23222 (CVSS: 8.8): A type confusion issue in Apple operating systems may allow arbitrary code execution via malicious web content. Affected versions include iOS 17.3, iPadOS 17.3, macOS Sonoma 14.3, and others.
  • CVE-2025-68613 (CVSS: 9.9): n8n versions from 0.211.0 up to, but not including, 1.120.4 contain an RCE vulnerability in expression evaluation, risking full system compromise.

⚡ Immediate Actions Required

Organizations using affected Apple products should upgrade to the latest patched versions—iOS 17.3, iPadOS 17.3, macOS Sonoma 14.3, and others—as soon as possible to prevent potential exploitation. For n8n users, upgrading to version 1.120.4, 1.121.1, or 1.122.0 is imperative to secure the system. Where immediate upgrading is not feasible, restrict workflow permissions to trusted users and deploy the platform in a secure environment with limited permissions. These measures should be considered temporary; they do not fully mitigate the risk.
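To triage an n8n fleet against the version bounds given above for CVE-2025-68613, the following added example (not code from n8n or from this alert's author) classifies each installed version. The host names and inventory are constructed, and the "review" verdict is this example's own label for versions the alert does not classify, such as 1.121.0, which sits above the stated range but below the fixed release on its line.

```python
import re

# Version bounds as stated in the alert above for CVE-2025-68613.
FIRST_AFFECTED = (0, 211, 0)
FIXED_RELEASES = [(1, 120, 4), (1, 121, 1), (1, 122, 0)]
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)$")

def parse_version(text):
    """Return (major, minor, patch), or None if text is not plain x.y.z."""
    m = _VERSION_RE.match(text.strip())
    return tuple(int(p) for p in m.groups()) if m else None

def classify(text):
    """Classify one n8n version string against the alert's version bounds."""
    v = parse_version(text)
    if v is None:
        return "unparsed"        # tags such as "latest" need a manual check
    if v < FIRST_AFFECTED:
        return "below-range"     # older than the first affected release
    if v < FIXED_RELEASES[0]:
        return "affected"        # inside the range the alert states
    if v >= FIXED_RELEASES[-1]:
        return "patched"         # at or above the newest fixed release
    # Between the oldest and newest fixed release: compare on the same minor line.
    for fixed in FIXED_RELEASES:
        if v[:2] == fixed[:2]:
            return "patched" if v >= fixed else "review"
    return "review"              # no fixed release listed for this line

def triage(inventory):
    """Map each verdict to the hosts that received it."""
    report = {}
    for host, version in inventory.items():
        report.setdefault(classify(version), []).append(host)
    return report

# Constructed sample inventory (hypothetical host names and versions).
SAMPLE_INVENTORY = {
    "automation-01": "1.119.2", "automation-02": "v1.120.4",
    "automation-03": "1.121.0", "automation-04": "0.210.2",
    "automation-05": "1.122.0", "automation-06": "latest",
}

if __name__ == "__main__":
    for verdict, hosts in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{verdict:12} {', '.join(hosts)}")
```

Hosts reported as "affected" or "review" are the ones to upgrade first or to place under the temporary restrictions described above.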