PT-2026-1662 · N8N · N8N

Dorattias · Published 2026-01-07 · Updated 2026-06-22 · CVE-2026-21858

CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions: n8n versions 1.65.0 through 1.121.0

Description: An issue in the input validation mechanism of the n8n workflow automation platform allows unauthenticated remote attackers to gain full control over instances, affecting approximately 100,000 servers globally. The flaw stems from a Content-Type mismatch bug in how the platform processes form-based webhook requests. Specifically, the middleware selects the body parser based on the Content-Type header, but the Form Webhook Node does not validate this header before processing files. By changing the Content-Type from multipart/form-data to application/json and sending a crafted payload, an attacker can override the req.body.files object and manipulate the file path processed by the system.

This enables arbitrary file reads, including the local SQLite database (/home/node/.n8n/database.sqlite) and the configuration file containing the encryption secret. With these files, an attacker can forge an admin session cookie to authenticate without credentials and subsequently use the Execute Command node to perform remote code execution on the server. Real-world scanning campaigns have been observed using the user agent n8n-scanner/1.0 to identify vulnerable endpoints via dictionary-based path enumeration.
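The following is an added example, not n8n's own code. It models the defect described above (a body parser chosen from the Content-Type header while the form handler trusts req.body.files whatever parser ran) and places a hardened handler beside it: the form handler checks the media type itself, accepts file descriptors only when the multipart parser produced them, and confines file paths to an upload directory. The request shape, the function names and UPLOAD_DIR are assumptions made for this example.

```javascript
// Added example, not n8n's own code. Models the Content-Type mismatch
// described in the advisory and shows a hardened form handler beside the
// vulnerable pattern. Request shape, names and UPLOAD_DIR are assumptions.

const UPLOAD_DIR = '/tmp/uploads'; // constructed upload directory

// Media type without parameters, e.g. "multipart/form-data; boundary=x".
function mediaType(contentType) {
  if (typeof contentType !== 'string') return '';
  return contentType.split(';')[0].trim().toLowerCase();
}

// Stand-in for parser-selection middleware: picks a parser by Content-Type
// and tags the result with which parser ran, so a handler can check
// provenance instead of trusting whatever landed in the body.
function parseBody(req) {
  const type = mediaType(req.headers['content-type']);
  if (type === 'application/json') {
    return { parser: 'json', body: JSON.parse(req.rawBody || '{}'), files: undefined };
  }
  if (type === 'multipart/form-data') {
    // A real multipart parser would split req.rawBody on the boundary; this
    // example takes already-separated fields and uploads from the request.
    return { parser: 'multipart', body: req.fields || {}, files: req.uploads || {} };
  }
  return { parser: 'none', body: {}, files: undefined };
}

// Vulnerable pattern (for contrast): uses a files object from the body
// regardless of which parser ran, so a JSON body can supply file paths.
function vulnerableFormHandler(req) {
  const parsed = parseBody(req);
  const files = parsed.files || parsed.body.files || {};
  return Object.values(files).map((f) => f.filepath);
}

// Path must sit under UPLOAD_DIR and contain no "." or ".." segments.
function isInsideUploadDir(filepath) {
  if (typeof filepath !== 'string' || !filepath.startsWith(UPLOAD_DIR + '/')) return false;
  const segments = filepath.slice(UPLOAD_DIR.length + 1).split('/');
  return segments.every((s) => s !== '' && s !== '.' && s !== '..');
}

// Hardened handler: reject non-multipart requests up front, accept file
// descriptors only from the multipart parser, and confine paths to UPLOAD_DIR.
function hardenedFormHandler(req) {
  if (mediaType(req.headers['content-type']) !== 'multipart/form-data') {
    return { status: 415, reason: 'form webhook requires multipart/form-data' };
  }
  const parsed = parseBody(req);
  if (parsed.parser !== 'multipart') {
    return { status: 400, reason: 'files were not produced by the multipart parser' };
  }
  const accepted = [];
  for (const [field, file] of Object.entries(parsed.files)) {
    if (!file || !isInsideUploadDir(file.filepath)) {
      return { status: 400, reason: `rejected file path for field "${field}"` };
    }
    accepted.push({ field, filepath: file.filepath });
  }
  return { status: 200, files: accepted };
}
```

The key design point is that the handler never consults a `files` key inside the parsed body; it only reads the descriptor the multipart parser itself populated, and it rejects the request before any file handling when the media type is not multipart/form-data.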
Recommendations: Update to version 1.121.0 or later. Restrict or disable publicly accessible webhook and form endpoints as a temporary mitigation. Avoid exposing the platform directly to the internet without a VPN or additional authentication. Require authentication on all public forms. Rotate all stored credentials and API keys if a prior compromise is suspected.
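As an added example (not n8n's own code or tooling), the detection logic below runs over constructed JSON-lines access log records and flags the three signals the description above mentions: the n8n-scanner/1.0 user agent, JSON-typed POSTs to form endpoints, and one client probing many distinct non-existent form paths. The record fields, the "/form/" path prefix and the enumeration threshold are assumptions for this example; only the user agent string comes from the advisory text.

```javascript
// Added example, not n8n's own code: detection over constructed log lines.
// Record fields, the "/form/" prefix and the threshold are assumptions.

const SAMPLE_LOG = [ // constructed JSON-lines access log
  '{"ip":"198.51.100.7","method":"POST","path":"/form/abc123","ua":"n8n-scanner/1.0","ct":"application/json","status":404}',
  '{"ip":"198.51.100.7","method":"POST","path":"/form/test","ua":"n8n-scanner/1.0","ct":"application/json","status":404}',
  '{"ip":"198.51.100.7","method":"POST","path":"/form/contact","ua":"n8n-scanner/1.0","ct":"application/json","status":200}',
  '{"ip":"203.0.113.9","method":"POST","path":"/form/contact","ua":"Mozilla/5.0","ct":"multipart/form-data; boundary=x","status":200}',
  '{"ip":"203.0.113.9","method":"POST","path":"/form/contact","ua":"curl/8.0","ct":"application/json","status":200}',
  '{"ip":"192.0.2.5","method":"POST","path":"/form/a","ua":"Mozilla/5.0","ct":"multipart/form-data","status":404}',
  '{"ip":"192.0.2.5","method":"GET","path":"/healthz","ua":"kube-probe/1.0","ct":"","status":200}',
  'not a json line',
  '{"ip":"198.51.100.7","method":"POST","path":"/form/login","ua":"n8n-scanner/1.0","ct":"application/json","status":404}',
].join('\n');

const FORM_PATH_PREFIX = /^\/form\//; // assumed prefix of form endpoints

// Media type without parameters.
function mediaType(ct) {
  if (typeof ct !== 'string') return '';
  return ct.split(';')[0].trim().toLowerCase();
}

// Parse JSON-lines, skipping blank or malformed lines.
function parseRecords(text) {
  const records = [];
  for (const line of text.split('\n')) {
    if (!line.trim()) continue;
    try { records.push(JSON.parse(line)); } catch { /* skip malformed line */ }
  }
  return records;
}

// Returns one finding per signal hit. enumThreshold is the number of
// distinct 404'd form paths from one IP that counts as enumeration.
function detectScanning(logText, enumThreshold = 3) {
  const findings = [];
  const notFound = new Map(); // ip -> Set of distinct form paths that 404'd
  for (const rec of parseRecords(logText)) {
    const isForm = FORM_PATH_PREFIX.test(rec.path || '');
    if (/n8n-scanner/i.test(rec.ua || '')) {
      findings.push({ ip: rec.ip, path: rec.path, signal: 'known-scanner-ua' });
    }
    if (isForm && rec.method === 'POST' && mediaType(rec.ct) === 'application/json') {
      findings.push({ ip: rec.ip, path: rec.path, signal: 'json-body-on-form-endpoint' });
    }
    if (isForm && rec.status === 404) {
      if (!notFound.has(rec.ip)) notFound.set(rec.ip, new Set());
      notFound.get(rec.ip).add(rec.path);
    }
  }
  for (const [ip, paths] of notFound) {
    if (paths.size >= enumThreshold) {
      findings.push({ ip, signal: 'form-path-enumeration', count: paths.size });
    }
  }
  return findings;
}
```

The JSON-on-form-endpoint signal is the one worth keeping after patching: a legitimate browser form post is multipart, so a JSON-typed POST to a form path is anomalous on its own, independent of any user agent a scanner chooses to present.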

Tags: Exploit · Fix · RCE


Weakness Enumeration

Related Identifiers

BDU:2026-00126
CVE-2026-21858
GHSA-V4PR-FM98-W9PG

Affected Products

N8N