n8n, the popular open-source workflow automation tool, faces multiple critical vulnerabilities disclosed in late 2025 and early 2026. These flaws enable unauthenticated remote code execution (RCE), posing severe risks to self-hosted deployments.
Vulnerability Overview
Two standout issues dominate recent disclosures. CVE-2026-21858 (CVSS 10.0), named “Ni8mare” by Cyera Research Labs, stems from content-type confusion in Form webhook file handling, allowing attackers to read arbitrary files, forge admin sessions, and execute code without authentication. CVE-2025-68613 (CVSS 9.9), reported by Orca Security and ReSecurity, permits authenticated users to inject malicious expressions in workflows, bypassing sandboxing for server-side RCE.
Technical Breakdown
CVE-2026-21858 Exploitation Chain:
- Intercept Form upload requests and alter Content-Type from multipart/form-data to application/json.
- Override internal file paths to access sensitive data like /etc/passwd or SQLite databases.
- Forge sessions and chain to OS command execution via workflow triggers.
CVE-2025-68613 Attack Path:
- Authenticate with low-privileged access to create/edit workflows.
- Inject payloads in expression nodes, exploiting weak sandbox isolation.
- Escalate to full Node.js runtime compromise, exfiltrating credentials and disrupting automations.
Impacts span the CIA triad: credential theft, workflow corruption, and lateral movement in connected enterprise systems.
Over 100,000 internet-exposed instances remain at risk as of January 2026.
Indicators of Compromise (IOCs)
- Anomalous Form/Webhook traffic with tampered Content-Type headers.
- Unexpected file reads or forged /rest/sessions endpoints.
- New workflows with expression payloads like
require('child_process').exec.
Mitigation and Remediation
Upgrade immediately to the latest n8n version via npm update n8n or Docker pulls. Disable or isolate public Form/Webhook nodes, enforce strict authentication, and audit active workflows for file elements.Monitor CISA KEV for prioritization and scan environments with tools like Qualys for exposed instances.
Disclosure Timeline Highlights
- Nov 9, 2025: Ni8mare reported to n8n.[1]
- Nov 18, 2025: Initial patches released.
- Jan 6-8, 2026: Public advisories from Cyera, Orca, n8n.
Self-hosted automation platforms like n8n demand rigorous patching amid rising automation-targeted attacks.
