
Ni8mare flaw gives unauthenticated control of n8n instances: A Critical Vulnerability (CVSS 10.0)

  • Jan 7

Key Findings


  • A critical vulnerability (CVE-2026-21858, CVSS score of 10.0) has been discovered in the n8n workflow automation platform, dubbed "Ni8mare" by researchers.

  • The flaw allows unauthenticated attackers to fully compromise affected n8n instances, exposing sensitive data and potentially leading to further system compromise.

  • The vulnerability affects all versions of n8n prior to and including 1.65.0, and it was fixed in n8n version 1.121.0 in November 2025.


Background


n8n is a workflow automation platform designed for technical teams that combines the flexibility of custom code with the speed and simplicity of no-code tools. It supports more than 400 integrations, includes native AI features, and uses a fair-code license, allowing organizations to build powerful automations while retaining full control over their data and deployment environments.


Vulnerability Details


The vulnerability, discovered by researchers at Cyera, stems from how n8n Webhooks handle uploaded data. Webhooks start workflows and parse incoming requests based on the Content-Type header. If the request is "multipart/form-data", n8n uses a file upload parser (Formidable) that safely stores uploaded files in temporary locations and populates req.body.files. For other content types, a regular parser is used, which directly fills req.body with user-supplied data.


The issue arises because some file-handling workflows do not verify the Content-Type before processing files. In the Form Webhook node, a file-handling function is called without checking that the request is actually "multipart/form-data". This allows an attacker to send a request with a different Content-Type (e.g., JSON) and manually define req.body.files. By doing this, the attacker can control file paths used by the workflow and trick n8n into copying any local system file instead of a legitimate upload.


Exploitation and Impact


The vulnerability enables arbitrary file read attacks, such as retrieving "/etc/passwd", potentially exposing sensitive system data and enabling further compromise. The flaw also enables escalation from arbitrary file read to full RCE in n8n.


n8n stores auth sessions in an "n8n-auth" cookie, built from user data (ID, partial password hash) and signed with a local secret key. With arbitrary file read, an attacker can extract the local SQLite database (containing user records) and the config file holding the signing secret. Using these, they can forge a valid admin session cookie and bypass authentication.


Once logged in as admin, the attacker can create a workflow using the "Execute Command" node, achieving remote code execution on the n8n instance. The report concludes that "the blast radius of a compromised n8n is massive," as a compromised instance can grant attackers access to API credentials, OAuth tokens, database connections, and cloud storage.


Sources


  • https://securityaffairs.com/186648/security/ni8mare-flaw-gives-unauthenticated-control-of-n8n-instances.html

  • https://thehackernews.com/2026/01/critical-n8n-vulnerability-cvss-100.html

  • https://x.com/shah_sheikh/status/2009022503935435176

  • https://x.com/shah_sheikh/status/2009022035067048083

© 2025 by Explain IT Again. Powered and secured by Wix