PT-2026-1662 · N8N · N8N

Dorattias · Published 2026-01-07 · Updated 2026-01-09 · CVE-2026-21858

CVSS v3.1: 10
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions: n8n versions prior to 1.121.0
Description: n8n is susceptible to a critical vulnerability (CVE-2026-21858), dubbed “Ni8mare,” which allows unauthenticated attackers to achieve remote code execution (RCE). This flaw stems from a content-type confusion vulnerability in the handling of form-based workflows and webhooks. Exploitation enables attackers to read arbitrary files on the server, potentially exposing sensitive information such as API keys, database credentials, and OAuth tokens. Successful exploitation can lead to full system compromise and potentially broader compromise of connected systems. Approximately 100,000 servers are estimated to be exposed. A public proof-of-concept exploit is available, increasing the risk of exploitation.
Recommendations: Upgrade to n8n version 1.121.0 or later immediately.

Exploit

Fix

RCE

Weakness Enumeration

Related Identifiers: CVE-2026-21858

Affected Products: N8N