🚨 Security Alert: N8N Trusted Image 'n8n-trusted:2.13.2' Fails Promotion Gate, Requires Manual Review
A critical security re-scan has flagged a previously approved container image as ineligible for deployment. The image `n8n-trusted:2.13.2`, used in secure deployment workflows, now violates the current promotion criteria based on age, Known Exploited Vulnerabilities (KEV), and Exploit Prediction Scoring System (EPSS) metrics. This failure triggers an immediate operational halt, forcing teams to choose between finding a clean version or pulling the vulnerable software from production hosts.
The alert details four specific security findings that now require manual review. The severity is underscored by the age of the vulnerabilities: two critical or high-severity CVEs are now at least 30 days old, significantly increasing exploit risk. Compounding the uncertainty, two other critical or high-severity CVEs have unknown publication dates, making risk assessment and patching timelines opaque. The automated weekly scan, which triggered this alert, has exposed a latent vulnerability that passed through earlier gates.
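The gate logic the alert describes (critical or high findings judged on age, KEV listing and EPSS, with unknown publication dates pushed to manual review) can be made concrete. The following is an added example, not the pipeline's own code: it assumes a simple data model for scanner findings, an EPSS threshold of 0.10 (the page states no threshold), and constructed sample findings with placeholder CVE identifiers that mirror the four findings in the alert.

```python
"""Promotion-gate check for a container image's vulnerability findings.

Added example (not the project's own pipeline code). Assumed gate model:
a CRITICAL or HIGH finding fails the gate when it is listed in CISA KEV,
when its EPSS score meets an assumed threshold, or when it is at least
30 days old; a CRITICAL or HIGH finding with no publication date cannot be
aged and is routed to manual review instead.
"""
from dataclasses import dataclass, field
from datetime import date, timedelta
from typing import Optional

CRITICAL_OR_HIGH = {"CRITICAL", "HIGH"}
MAX_AGE_DAYS = 30        # age criterion stated in the alert
EPSS_THRESHOLD = 0.10    # assumed threshold; the alert does not state one


@dataclass
class Finding:
    cve: str                     # identifier as reported by the scanner
    severity: str
    published: Optional[date]    # None when the vulnerability feed gives no date
    in_kev: bool = False
    epss: Optional[float] = None


@dataclass
class GateResult:
    image: str
    passed: bool
    fail_reasons: list = field(default_factory=list)
    review_reasons: list = field(default_factory=list)


def evaluate_finding(f: Finding, today: date) -> tuple[list, list]:
    """Return (hard failures, manual-review reasons) for one finding."""
    fails, review = [], []
    if f.severity.upper() not in CRITICAL_OR_HIGH:
        return fails, review              # the gate only weighs critical/high
    if f.in_kev:
        fails.append(f"{f.cve}: listed in CISA KEV")
    if f.epss is not None and f.epss >= EPSS_THRESHOLD:
        fails.append(f"{f.cve}: EPSS {f.epss:.2f} >= {EPSS_THRESHOLD:.2f}")
    if f.published is None:
        review.append(f"{f.cve}: publication date unknown, age cannot be assessed")
    else:
        age = (today - f.published).days
        if age >= MAX_AGE_DAYS:
            fails.append(f"{f.cve}: {age} days old (limit {MAX_AGE_DAYS})")
    return fails, review


def evaluate_image(image: str, findings: list, today: date) -> GateResult:
    """Apply the gate to every finding; the image is promotable only when
    nothing fails and nothing needs manual review."""
    result = GateResult(image=image, passed=True)
    for f in findings:
        fails, review = evaluate_finding(f, today)
        result.fail_reasons.extend(fails)
        result.review_reasons.extend(review)
    result.passed = not result.fail_reasons and not result.review_reasons
    return result


# Constructed sample matching the alert's shape: two critical/high CVEs at
# least 30 days old, two critical/high CVEs with unknown publication dates,
# plus one old LOW finding the gate ignores. CVE ids are placeholders.
TODAY = date(2025, 1, 31)


def days_ago(n: int) -> date:
    return TODAY - timedelta(days=n)


SAMPLE_FINDINGS = [
    Finding("CVE-PLACEHOLDER-1", "CRITICAL", days_ago(45), epss=0.02),
    Finding("CVE-PLACEHOLDER-2", "HIGH", days_ago(30), epss=0.03),
    Finding("CVE-PLACEHOLDER-3", "HIGH", None, epss=0.01),
    Finding("CVE-PLACEHOLDER-4", "CRITICAL", None),
    Finding("CVE-PLACEHOLDER-5", "LOW", days_ago(200)),
]


def check_sample() -> GateResult:
    return evaluate_image("n8n-trusted:2.13.2", SAMPLE_FINDINGS, TODAY)


if __name__ == "__main__":
    r = check_sample()
    print(f"{r.image}: {'PASS' if r.passed else 'FAIL / manual review'}")
    for reason in r.fail_reasons + r.review_reasons:
        print("  -", reason)
```

Treating an unknown publication date as a review trigger rather than silently passing it is the design choice that matters here: the age criterion cannot be evaluated for such findings, and defaulting to "pass" is exactly how a latent issue slips through an earlier gate.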
This incident places direct pressure on deployment and security operations. Teams must urgently access the linked workflow run for full details and execute one of two mandated actions: either promote a newer, verified clean version through the Image Promotion pipeline, or revoke the compromised image by updating the `N8N_IMAGE_DIGEST` on all affected hosts. The failure of a 'trusted' image highlights the persistent challenge of maintaining software supply chain security against evolving threat intelligence.