CVE-2026-21858
Published 2026-01-08
CVE-2026-21858: n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server…
Priority P1 · 96 · critical · 10 · CVSS 3.1
CVSS vector: AV:N / AC:L / PR:N / UI:N / S:C / C:H / I:H / A:N
ITW · EXPLOIT · VulnCheck KEV · Initial access
Exploited in the wild
EPSS: 71.65% (99.3rd percentile)
n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker, resulting in exposure of sensitive information stored on the system and may enable further compromise depending on deployment configuration and workflow usage. This issue is fixed in version 1.121.0.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| n8n-io | n8n | — | — |
| n8n | n8n | >= 1.65.0 < 1.121.0 | 1.121.0 |
| n8n | n8n | >= 1.65.0 < 1.121.0 | 1.121.0 |
Detection & IOCs (extracted from sources)
- Alert on unauthenticated requests to n8n form/webhook endpoints that include file metadata fields with absolute filesystem paths (e.g., /etc/passwd, /proc/*), as this is the exploitation pattern for arbitrary file read.
- Monitor for n8n instances running versions 1.65.0 through 1.120.x that have an active workflow with a Form Submission trigger accepting a file element AND a Form Ending node returning a binary file; this is the specific vulnerable workflow configuration.
- Treat high-volume request bursts to n8n endpoints from coordinated infrastructure as active exploitation; GreyNoise observed 83,334 exploitation attempts from a single /24 block within the analysis window.
- Use the Metasploit auxiliary module `auxiliary/gather/ni8mare_cve_2026_21858` as a reference for the exploit's request structure to build network-level detection signatures.
- Restrict or disable publicly accessible webhook and form endpoints as a temporary mitigation if upgrading to 1.121.0+ is not immediately possible.
- The vulnerability only manifests in workflows with the specific combination of a Form Submission trigger with a file element and a Form Ending node returning a binary file; audit active workflows for this pattern.
CVSS provenance
- NVD (v3.1): 10.0 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
- VulnCheck: 10.0 CRITICAL
GHSA
n8n Vulnerable to Unauthenticated File Access via Improper Webhook Request Handling
ghsa · 2026-01-07 · CVE-2026-21858 [CRITICAL] · CWE-20
### Impact
A vulnerability in n8n allows an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker. This could result in exposure of sensitive information stored on the system and may enable further compromise depending on deployment configuration and workflow usage.
### Patches
The issue has been fixed in n8n version 1.121.0. Users should upgrade to this version or later to remediate the vulnerability.
### Workarounds
No official workarounds are available. As a temporary mitigation, users may restrict or disable publicly accessible webhook and form endpoints until upgrading.
OSV
n8n Vulnerable to Unauthenticated File Access via Improper Webhook Request Handling
osv · 2026-01-07 · CVE-2026-21858 [CRITICAL]
VulnCheck
n8n n8n Improper Input Validation
vulncheck · 2026 · CVSS 10.0 · CVE-2026-21858 [CRITICAL]
n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker, resulting in exposure of sensitive information stored on the system and may enable further compromise depending on deployment configuration and workflow usage. This issue is fixed in version 1.121.0.
Affected: n8n n8n
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://beelzebub.ai/blog/catching-ni8mare-in-the-wild-cve-2026-21858/
Suricata
ET WEB_SPECIFIC_APPS n8n Ni8mare Content-Type Confusion Multipart Form Bypass (CVE-2026-21877) M1
suricata · 2026-01-07 · CVSS 9.9 · CVE-2026-21877 [CRITICAL]
Rule: alert http any any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS n8n Ni8mare Content-Type Confusion Multipart Form Bypass (CVE-2026-21877) M1"; flow:established,to_server; http.request_body; content:"|22|executionId|22 3a|"; fast_pattern; content:"|22|files|22 3a|"; content:"|22|filepath|22 3a|"; pcre:"/^\s*\x22[^\x22]*?\x2f/R"; http.uri; content:"/form/"; startswith; http.content_type; content:"application/json"; http.method; content:"POST"; reference:url,www.cyera.com/research-labs/ni8mare-unauthenticated-remote-code-execution-in-n8n-cve-2026-21858; reference:cve,2026-21877; classtype:web-application-attack; sid:2066610; rev:1; metadata:attack_target Server, tls_state TLSDecrypt, create
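As an added illustration (not code from this page or from any of the cited sources), the request pattern described in the Detection & IOCs list and encoded in the Suricata rule above, reimplemented as log-side detection logic in Python and run over constructed sample request records. The form id, execution id and source addresses are placeholders; the match logic (POST to a `/form/` URI with a JSON content type whose body carries `executionId`, `files` and a `filepath` pointing at a server-side path) follows the rule, and the per-/24 burst count follows the GreyNoise observation in the IOC list.

```python
import ipaddress
import json
from collections import Counter

# Constructed sample request records (not real traffic). Form id, execution id
# and addresses are placeholders; bodies mirror the fields named in the rule.
SAMPLE_REQUESTS = [
    # Ordinary multipart form submission: not JSON, so never matched
    {"src": "198.51.100.10", "method": "POST", "uri": "/form/placeholder-form-id",
     "content_type": "multipart/form-data; boundary=xyz",
     "body": "--xyz\r\nContent-Disposition: form-data; name=\"field\"\r\n\r\nhello\r\n--xyz--"},
    # JSON body whose file metadata references an absolute server path
    {"src": "203.0.113.5", "method": "POST", "uri": "/form/placeholder-form-id",
     "content_type": "application/json",
     "body": json.dumps({"executionId": "placeholder-exec-id",
                         "files": {"upload": {"filepath": "/etc/passwd"}}})},
    # JSON body with a plain file name: no path separator, not matched
    {"src": "203.0.113.5", "method": "POST", "uri": "/form/placeholder-form-id",
     "content_type": "application/json",
     "body": json.dumps({"executionId": "placeholder-exec-id",
                         "files": {"upload": {"filepath": "report.pdf"}}})},
    # GET request: wrong method, not matched
    {"src": "192.0.2.77", "method": "GET", "uri": "/form/placeholder-form-id",
     "content_type": "", "body": ""},
    # Truncated (invalid) JSON that still carries the three marker fields
    {"src": "203.0.113.9", "method": "POST", "uri": "/form/placeholder-form-id",
     "content_type": "application/json",
     "body": '{"executionId": "placeholder-exec-id", "files": {"f": {"filepath": "/etc/passwd"'},
]

MARKERS = ('"executionId":', '"files":', '"filepath":')


def _find_filepaths(node):
    """Yield every string stored under a 'filepath' key anywhere in parsed JSON."""
    if isinstance(node, dict):
        for key, value in node.items():
            if key == "filepath" and isinstance(value, str):
                yield value
            else:
                yield from _find_filepaths(value)
    elif isinstance(node, list):
        for item in node:
            yield from _find_filepaths(item)


def flag_request(req):
    """Return a reason string if the request matches the pattern, else None."""
    if req["method"].upper() != "POST" or not req["uri"].startswith("/form/"):
        return None
    if "application/json" not in req["content_type"].lower():
        return None
    try:
        body = json.loads(req["body"])
    except ValueError:
        # Fall back to the rule's byte matching when the body is not valid JSON
        if all(marker in req["body"] for marker in MARKERS):
            return "malformed JSON body carrying executionId/files/filepath markers"
        return None
    if not isinstance(body, dict) or "executionId" not in body or "files" not in body:
        return None
    for path in _find_filepaths(body["files"]):
        # The rule's PCRE fires on any '/' in the value; absolute paths and
        # traversal are the cases the IOC list calls out
        if path.startswith("/") or "/../" in path or path.startswith("../"):
            return f"server-side path in form file metadata: {path}"
    return None


def scan(reqs):
    """Return (source, uri, reason) for every request that matches."""
    return [(r["src"], r["uri"], reason) for r in reqs if (reason := flag_request(r))]


def burst_sources(reqs, threshold):
    """Count matching requests per source /24 and return blocks at or above threshold."""
    counts = Counter()
    for req in reqs:
        if flag_request(req) is not None:
            block = ipaddress.ip_network(f"{req['src']}/24", strict=False)
            counts[str(block)] += 1
    return {block: n for block, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    for hit in scan(SAMPLE_REQUESTS):
        print(hit)
    print(burst_sources(SAMPLE_REQUESTS, 2))
```

The JSON-aware path is preferred over pure substring matching because it locates `filepath` values nested at any depth under `files` and ignores benign file names; the substring fallback keeps parity with the Suricata rule for bodies that a parser rejects. A real `/24` burst threshold should be far higher than the value used here for the sample data.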
Metasploit
n8n arbitrary file read
metasploit · CVSS 10.0 · CVE-2026-21858 [CRITICAL]
This module exploits CVE-2026-21858, a critical unauthenticated remote code execution vulnerability in n8n workflow automation platform versions 1.65.0 through 1.120.x. The vulnerability, dubbed "Ni8mare", is a content-type confusion flaw in webhook request handling that allows attackers to achieve arbitrary file read.
Nuclei
n8n Webhooks - Remote Code Execution
nuclei · CVSS 10.0 · CVE-2026-21858 [CRITICAL]
n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker, resulting in exposure of sensitive information stored on the system and may enable further compromise depending on deployment configuration and workflow usage. This issue is fixed in version 1.121.0.
Template:
id: CVE-2026-21858
info:
  name: n8n Webhooks - Remote Code Execution
  author: rxerium
  severity: critical
  description: |
    n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on th
Bleepingcomputer
## Critical n8n flaws disclosed along with public exploits
blogs_bleepingcomputer · 2026-02-04 · CVSS 9.9 · CVE-2026-25049 [CRITICAL]
By Bill Toulas
Multiple critical vulnerabilities in the popular n8n open-source workflow automation platform allow escaping the confines of the environment and taking complete control of the host server.
Collectively tracked as CVE-2026-25049, the issues can be exploited by any authenticated user who can create or edit workflows on the platform to perform unrestricted remote code execution on the n8n server.
Researchers at several cybersecurity companies reported the problems, which stem from n8n's sanitization mechanism and bypass the patch for CVE-2025-68613, another critical flaw addressed on December 20.
According to Pillar Security, exploiting CVE-2026-25049 enables complete compromise of the n8n instance and could be le
Schneier
## New Vulnerability in n8n
blogs_schneier · 2026-01-15 · CVSS 10.0 · CVE-2026-21858 [CRITICAL]
This isn't good:
> We discovered a critical vulnerability (CVE-2026-21858, CVSS 10.0) in n8n that enables attackers to take over locally deployed instances, impacting an estimated 100,000 servers globally. No official workarounds are available for this vulnerability. Users should upgrade to version 1.121.0 or later to remediate the vulnerability.
Three technical links and two news links.
Tags: patching, vulnerabilities
Posted on January 15, 2026 at 7:05 AM
Bleepingcomputer
## Max severity Ni8mare flaw impacts nearly 60,000 n8n instances
blogs_bleepingcomputer · 2026-01-12 · CVSS 10.0 · [CRITICAL]
By Sergiu Gatlan
Nearly 60,000 n8n instances exposed online remain unpatched against a maximum-severity vulnerability dubbed "Ni8mare."
n8n is an open-source workflow automation platform that allows users to connect different applications and services via pre-built connectors and a visual, node-based interface to automate repetitive tasks without writing code.
The automation platform is widely used in AI development to automate data ingestion and build AI agents and RAG pipelines. It has over 100 million pulls on Docker Hub and over 50,000 weekly downloads on npm.
Since n8n serves as a central automation hub, it often stores API keys, OAuth tokens, database credentials, cloud storage access, CI/CD secrets, and business
Bleepingcomputer
## Max severity Ni8mare flaw lets hackers hijack n8n servers
blogs_bleepingcomputer · 2026-01-07 · CVSS 10.0 · CVE-2026-21858 [CRITICAL]
By Bill Toulas
A maximum severity vulnerability dubbed "Ni8mare" allows remote, unauthenticated attackers to take control over locally deployed instances of the N8N workflow automation platform.
The security issue is identified as CVE-2026-21858 and has a 10 out of 10 severity score. According to researchers at data security company Cyera, there are more than 100,000 vulnerable n8n servers.
n8n is an open-source workflow automation tool that allows users to connect applications, APIs, and services into complex workflows via a visual editor. It is primarily used to automate tasks and supports integrations with AI and large language model (LLM) services.
It has over 50,000 weekly downloads on npm and more than 100 million pull
Wiz
## CVE-2026-21858 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz · CVSS 10.0 · CVE-2026-21858 [CRITICAL]
CVE-2026-21858: NixOS vulnerability analysis and mitigation
n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker, resulting in exposure of sensitive information stored on the system and may enable further compromise depending on deployment configuration and workflow usage. This issue is fixed in version 1.121.0.
Source: NVD
- Score: 10
- Published: January 8, 2026
- Severity: CRITICAL
- CNA Score: 10.0
- High-profile Vulnerability: Yes
- Affected Technologies: NixOS, n8n
- Has Public Exploit: Yes
- Has CISA KEV Exploit: No
- CISA KEV Release Date: N/A
- CISA KE
Greynoiseio
## At The Edge Clear: Feb 2–9, 2026
blogs_greynoiseio